Re: buffer overflow in fonts.c?

Yoshiaki Kasahara said:     (by the date of Fri, 27 Jul 2007 23:29:59 +0900 (JST))

> I think this code malloc 'len' bytes of memory, and assign 0 to
> buf[len], which means (len+1)th bytes from index 0, doesn't it?

That's what I think also from reading the code, so this is why 
I applied this. But I'm not completely sure because there is also 
a "+ 1" in several places above :)

Janek Kozicki                                                         |

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]