Bug in prefix hierarchy handling?
Olly Betts
olly@survex.com
Fri, 16 Jan 2004 18:38:14 +0000
--VS++wcV0S1rZb1Fb
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
On Fri, Jan 16, 2004 at 06:17:05PM +0000, David Loeffler wrote:
> Is it fixable?
Yes, I've fixed it already. I've attached a patch (cd to the
survex-1.0.27 directory and apply using: patch -p0 < img.c.patch
On Fri, Jan 16, 2004 at 06:07:59PM +0000, Wookey wrote:
> I'll be expecting a 1.0.28 soon then....
It's been there a while and nobody has reported it, so I don't think
it's vital to rush out a new release within hours of it being noticed.
I'd like to put together a test case which probes any other corner cases
to make sure there's nothing else like this lurking...
Cheers,
Olly
--VS++wcV0S1rZb1Fb
Content-Type: text/plain; charset=us-ascii
Content-Disposition: attachment; filename="img.c.patch"
Index: src/img.c
===================================================================
RCS file: /usr/data/cvs/survex/src/img.c,v
retrieving revision 1.89
diff -p -u -u -r1.89 img.c
--- src/img.c 22 Nov 2003 00:51:28 -0000 1.89
+++ src/img.c 16 Jan 2004 18:29:19 -0000
@@ -757,12 +757,13 @@ img_read_item(img *pimg, img_point *p)
if (opt < 15) {
/* 1-14 mean trim that many levels from current prefix */
int c;
- if (pimg->label_len <= 16) {
+ if (pimg->label_len <= 17) {
/* zero prefix using "0" */
img_errno = IMG_BADFORMAT;
return img_BAD;
}
- c = pimg->label_len - 16 - 1;
+ /* extra - 1 because label_len points to one past the end */
+ c = pimg->label_len - 17 - 1;
while (pimg->label_buf[c] != '.' || --opt > 0) {
if (--c < 0) {
/* zero prefix using "0" */
--VS++wcV0S1rZb1Fb--