Sophie: xv-3.10a-16.1.mga6 src

xv-3.10a-16.1.mga6.src.rpm

Info
Deps
Files
Scripts
ChangeLog
Location
Others versions
Analyse

#
# bnc#1043479 gimp created png crashes xv
# rich.coe2@gmail.com
# it uses .text_length to determine size of buffer but strcpy's from .text
# use same method to determine correct size
#
--- xv-3.10a/xvpng.c	2017-06-08 14:45:30.462632457 -0500
+++ xvt/xvpng.c	2017-06-08 15:13:32.422848106 -0500
@@ -939,7 +939,7 @@ int LoadPNG(fname, pinfo)
 
     for(i = 0; i < info_ptr->num_text; i++)
       commentsize += strlen(info_ptr->text[i].key) + 1 +
-                     info_ptr->text[i].text_length + 2;
+                     strlen(info_ptr->text[i].text) + 2;
 
     if((pinfo->comment = malloc(commentsize)) == NULL) {
       png_warning(png_ptr,"can't allocate comment string");