[Bf-committers] Blender 2.43 RC1
Peter Schlaile
peter at schlaile.de
Tue Jan 2 17:50:02 CET 2007
Hi,
> 1) I found that recently into source/blender/blenkernel/BKE_plugin_types.h
> the size of the 'name' array was increased from 16 to 32. Indeed when it
> was 16 I was also getting a buffer overrun, as described here:
>
> http://qa.mandriva.com/show_bug.cgi?id=24583
>
> and I wrote a patch for 2.42a here:
>
> http://svn.mandriva.com/cgi-bin/viewvc.cgi/*checkout*/packages/cooker/blender/current/SOURCES/blender-2.42a-wavefront-obj-overrun.patch
>
> Indeed apart the increasing of the size of the array from 16 to 32 bytes,
> that code from 2.42a to current CVS wasn't changed, so the bug is still there (just shifted).
> Would be possible to include this patch:
>
> http://svn.mandriva.com/cgi-bin/viewvc.cgi/*checkout*/packages/cooker/blender/current/SOURCES/blender-2.43-wavefront-obj-overrun.patch
>
> into current blender CVS, so to perform a more robust
> check over that arrays?
Fiddling with VarStruct is generally a bad idea (tm), since it breaks
binary compatibility to existing plugins.
(take a look here:
http://projects.blender.org/pipermail/bf-committers/2006-December/017063.html
)
Does your patch also work with
#define VARSTRUCT_NAMEMAX 16
?
Greetings,
Peter
More information about the Bf-committers
mailing list