[pdf-devel] Stream buffer flaw


From: gerel
Subject: [pdf-devel] Stream buffer flaw
Date: Fri, 03 Oct 2008 21:40:50 -0700 (PDT)

Hey everyone,

There is a flaw in the full_p function that allows a filter to overflow the
buffer->data pointer. Basically it's not working.

I use printf() in the RL filter to show the behavior.
##
size: 1, wp: 0, rp: 0,  and It is NOT full
size: 1, wp: 0, rp: 0,  and It is NOT full
size: 1, wp: 0, rp: 0,  and It is NOT full
size: 1, wp: 1, rp: 1,  and It is NOT full
size: 1, wp: 1, rp: 1,  and It is NOT full
###

The last two should say "It is full".

You can check the above prints are consistent (yet undesired) with the code,
see:
##
pdf_bool_t
pdf_stm_buffer_full_p (pdf_stm_buffer_t buffer)
{
  return ((buffer->wp == buffer->size) &&
          (buffer->rp != buffer->wp));
}
###

I don't know what kind of buffer we're trying to implement.
jemarch, what kind of buffer is it that you have in mind? Let's make it clear. :-)


cheers

-gerel
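
The behaviour reported above, as an added example that is not part of the original post or of the library's code: a producer loop guarded by the posted predicate keeps writing once rp has caught up with wp. The struct layout, the `full_p_linear` variant (which assumes a linear buffer that is full whenever wp reaches size) and the `oob_writes` helper are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* Stand-in for the library's buffer type (assumed: only the fields named in the post). */
struct stm_buffer { unsigned char *data; size_t size, rp, wp; };
typedef bool (*full_fn)(const struct stm_buffer *);

/* Predicate as posted: reports "not full" whenever rp == wp. */
static bool full_p_posted(const struct stm_buffer *b)
{
  return (b->wp == b->size) && (b->rp != b->wp);
}

/* Assumption: linear buffer, full as soon as wp reaches size, wherever rp is. */
static bool full_p_linear(const struct stm_buffer *b)
{
  return b->wp >= b->size;
}

/* Producer loop guarded by full_p. The consumer drains every byte at once,
   so rp follows wp as in the "wp: 1, rp: 1" lines of the trace.
   Returns how many writes would have landed at index >= size; those writes
   are counted, not performed. Requires size <= sizeof storage. */
static size_t oob_writes(full_fn full_p, size_t size, size_t attempts)
{
  unsigned char storage[16];
  struct stm_buffer b = { storage, size, 0, 0 };
  size_t oob = 0;

  for (size_t i = 0; i < attempts && !full_p(&b); i++) {
    if (b.wp < b.size)
      b.data[b.wp] = (unsigned char) i;   /* in-bounds write */
    else
      oob++;                              /* would overflow buffer->data */
    b.wp++;
    b.rp = b.wp;                          /* consumer catches up */
  }
  return oob;
}

int main(void)
{
  printf("posted predicate: %zu out-of-bounds writes\n", oob_writes(full_p_posted, 1, 4));
  printf("linear predicate: %zu out-of-bounds writes\n", oob_writes(full_p_linear, 1, 4));
  return 0;
}
```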



