Christopher Faylor wrote:
On Tue, May 26, 2009 at 12:41:03PM +0200, David Engraf wrote:
I have fixed the error in ntea.cc handling the return value of
NTQueryEaFile. This patch is only needed for the 1.5 release. Maybe this
error should be considered as critical due to uninitialized stack usage
of the variable fea when the function returned an error.
2009-05-26 David Engraf <david.eng...@sysgo.com>
* ntea.cc (read_ea): Fix error handling and avoid using
uninitialized stack.
Thanks for the patch but this will have to be a known limitation of
1.5.x. We don't plan on making any new releases before 1.7 is rolled
out.
cgf
But this could be a security problem and as long as we don't have
released the 1.7 we should continue fixing critical parts because most
of the users are using the stable version.
- David
