mirror of
https://github.com/gryf/wmaker.git
synced 2025-12-22 14:08:06 +01:00
I've found a buffer overflow problem in RSmoothScaleImage. There are some scaling calculations involving floats which are finally converted to integers. Since such conversion does not round the number, just truncates the decimal part, sometimes the number is smaller than it should be. As a result, a smaller buffer is allocated for picture scaling and thus a buffer overflow occurs. The strange thing is that this bug has not appeared earlier, so it probably has something to do with newer gcc or glibc (I switched from "prehistoric" Fedora Core 5 to Fedora 12).

<What about the symptoms?>

There were several, probably depending on application version and compilation flags. First, it just stopped responding. Looking at the process with strace I saw it locked in some FUTEX wait (unfortunately I don't have the logs). Second, it just crashed. And last, I got a complaint from glibc about double free or corrupted heap before malloc. I've found the bug through the wmweather+ dockapp, versions 2.9 and 2.11 (http://sourceforge.net/projects/wmweatherplus/); I've never encountered it in WindowMaker itself.
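The class of bug the commit message describes, as an added example that is not code from wmaker or from the commit: a buffer length derived from a truncated float product comes out one element short, and a bounds check catches it. The helper names and the 100-to-29 sizes are constructed for illustration, and the code assumes IEEE-754 double arithmetic.

```c
#include <stdio.h>
#include <stdlib.h>

/* Size as a truncating float->int conversion computes it (hypothetical helper). */
static size_t len_truncated(size_t src_len, size_t dst_len)
{
    double scale = (double)dst_len / (double)src_len;
    return (size_t)((double)src_len * scale);      /* fraction is dropped */
}

/* Hardened sizing: round up, so the buffer can never come out one short. */
static size_t len_ceil(size_t src_len, size_t dst_len)
{
    double v = (double)src_len * ((double)dst_len / (double)src_len);
    size_t n = (size_t)v;
    return ((double)n < v) ? n + 1 : n;
}

/* Nearest-neighbour row scaler: writes dst_len bytes, refuses a short buffer. */
static int scale_row(const unsigned char *src, size_t src_len,
                     unsigned char *dst, size_t dst_cap, size_t dst_len)
{
    if (src_len == 0 || dst_cap < dst_len)
        return -1;                                 /* would write past dst */
    for (size_t x = 0; x < dst_len; x++)
        dst[x] = src[x * src_len / dst_len];
    return 0;
}

/* Scale once with the destination sized by `sizer`; returns scale_row's result. */
static int try_scale(size_t src_len, size_t dst_len,
                     size_t (*sizer)(size_t, size_t))
{
    size_t cap = sizer(src_len, dst_len);
    unsigned char *src = calloc(src_len, 1);
    unsigned char *dst = malloc(cap ? cap : 1);
    int rc = (src && dst) ? scale_row(src, src_len, dst, cap, dst_len) : -1;
    free(src); free(dst);
    return rc;
}

int main(void)
{
    /* Constructed case: 100 * (29 / 100.0) evaluates to just under 29. */
    printf("truncated=%zu rounded-up=%zu rc=%d/%d\n", len_truncated(100, 29),
           len_ceil(100, 29), try_scale(100, 29, len_truncated),
           try_scale(100, 29, len_ceil));
    return 0;
}
```

Without the `dst_cap < dst_len` check, the truncated size would let the loop write one byte past the allocation, which is the kind of heap corruption glibc reports as a double free or corrupted heap.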
WindowMaker raster graphics library

This library is used to manipulate images and convert them to
a format that can be displayed through the X window system.
Read the wraster.h header for an idea of what is available.

This Library is LGPL and
Copyright (c) Alfredo K. Kojima <kojima@inf.ufrgs.br>

The following environment variables control some parameters:

RIMAGE_CACHE <integer>
    Is the maximum number of images to store in the internal cache.
    Default is 8

RIMAGE_CACHE_SIZE <integer>
    Is the size of the biggest image to store in the cache.
    Default is 4k (64x64)

Porting
=======

It should be fairly easy to port it to other environments
(svgalib, libggi etc), probably only requiring wraster.h,
context.c and convert.c to be changed. Note that the X specific
code should be disabled in that case, including support for libXpm.