* Bernhard R. Link <brl...@debian.org> [110803 13:06]:
> In other words: I'm totally at a loss how this effect can
> cause this. I will try to run it in the debugger with some
> read watchpoints for the changed parts to see where it can
> have a difference, but ....

I've finally found the bug:

ps.c is using some sec_sscanf (from secscanf.c) instead of
regular sscanf or instead of doing some proper parsing.

As sec_sscanf differs from regular sscanf in its variadic
arguments, gcc cannot test if the arguments given match the
format string; in particular, it is lost about sec_sscanf
wanting a 'char *' and a 'size_t' for every '%s' or '%256s'
it gets. Thus when ps.c does

sec_sscanf(line+length("%%BoundingBox:"), "%256s", text);

the size of the text field is not given, so some random value
is returned by the 'va_arg(ap, size_t)' in secscanf.c.
If that random value is smaller than the length of "(atend)"
then this will be copied incompletely and thus
not be recognized.

        Bernhard R. Link
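
The failure mode described above, as an added example that is not code from gv, ps.c or secscanf.c: mini_sec_sscanf is a hypothetical stand-in that handles only "%s" and, like the sec_sscanf described in the mail, expects a 'char *' followed by a 'size_t' for each one. The names is_atend, is_atend_fixed and SCAN_STR are assumptions; the size parameter of is_atend simulates whatever value va_arg happens to read when the caller omits it.

```c
#include <ctype.h>
#include <stdarg.h>
#include <stddef.h>
#include <string.h>

/* Hypothetical stand-in for sec_sscanf: supports only "%s", and for each
 * "%s" consumes TWO variadic arguments: char *dst, then size_t dst_size. */
static int mini_sec_sscanf(const char *in, const char *fmt, ...)
{
    va_list ap;
    int matched = 0;

    va_start(ap, fmt);
    for (; *fmt; fmt++) {
        if (fmt[0] != '%' || fmt[1] != 's')
            continue;                       /* only "%s" is handled */
        fmt++;
        char *dst = va_arg(ap, char *);
        size_t size = va_arg(ap, size_t);   /* garbage if the caller omitted it */
        size_t n = 0;
        if (size == 0) break;               /* no room even for the terminator */
        while (isspace((unsigned char)*in)) in++;
        while (*in && !isspace((unsigned char)*in) && n + 1 < size)
            dst[n++] = *in++;               /* silently truncates at size-1 */
        dst[n] = '\0';
        matched += (n > 0);
    }
    va_end(ap);
    return matched;
}

/* Buggy call shape from the mail (not executed here, reading the missing
 * size_t is undefined behaviour):  mini_sec_sscanf(arg, "%s", text);
 * Format-string checking knows nothing about the extra size_t per "%s". */
#define SCAN_STR(in, buf) mini_sec_sscanf((in), "%s", (buf), sizeof(buf))

/* Returns 1 if the text after "%%BoundingBox:" is recognised as "(atend)". */
static int is_atend(const char *arg, size_t size)
{
    char text[257];
    if (size > sizeof(text)) size = sizeof(text);
    return mini_sec_sscanf(arg, "%s", text, size) == 1 && strcmp(text, "(atend)") == 0;
}

/* Same check, with the size supplied by the macro from the array itself. */
static int is_atend_fixed(const char *arg)
{
    char text[257];
    return SCAN_STR(arg, text) == 1 && strcmp(text, "(atend)") == 0;
}
```

SCAN_STR only works when the destination is a true array, since sizeof on a pointer would yield the pointer size instead of the buffer size.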


