Package: xsane
Version: 0.997-2ubuntu3
I have reported the following bug to the XSane bug tracker at
https://alioth.debian.org/tracker/index.php?func=detail&aid=313503 but
it was suggested that I also report it here as the upstream project has
not made a release in over a year.
----
When scanning to the viewing window then saving a file, changes to the
file type cause the filename to fill with spurious characters, the
system to report an 'Invalid file name' then 'A fatal error occured
while running the scanning application'.
Environment: XSane 0.997 on Ubuntu 10.10.
Issue can be duplicated as follows:
* Start XSane.
* In main control window select Type as 'JPEG'.
* In main control window select Target as 'Viewer'.
* Carry out scan, setting other options if necessary.
* The Viewer window should open.
* Select File->Save image.
* In the Type drop-down chooser, select 'PDF'. Observe that the Name
textbox changes appropriately.
* In the Type drop-down chooser select 'by ext'. Observer that the
non-printable text is entered into the Name textbox.
Of course, as a workaround it is possible to manually remove the
non-printable text and enter a new filename in the Name textbox.
----
The problem was traced to xsane 0.997 source code, file:
xsane-back-gtk.c, function: xsane_back_gtk_filetype2_callback.
Code in this function will determine the new name for a file when a file
extension is chosen from the Type drop-drown chooser. When 'by ext' is
chosen no code is executed to populate the string pointed to by the
filename, leaving uninitialised memory at this location. The
uninitialised memory is later copied back to the UI.
The attached patch against XSane 0.998
(http://www.xsane.org/download/xsane-0.998.tar.gz) resolves this issue.
The information contained in this message (and any attachments) may
be confidential and is intended for the sole use of the named addressee.
Access, copying, alteration or re-use of the e-mail by anyone other
than the intended recipient is unauthorised. If you are not the intended
recipient please advise the sender immediately by returning the e-mail
and deleting it from your system.
This information may be exempt from disclosure under Freedom Of Information
Act 2000 and may be subject to exemption under other UK information
legislation. Refer disclosure requests to the Information Officer.
The original of this email was scanned for viruses by the Government Secure
Intranet virus scanning service supplied by Cable&Wireless Worldwide in
partnership with MessageLabs. (CCTM Certificate Number 2009/09/0052.) On leaving
the GSi this email was certified virus free.
Communications via the GSi may be automatically logged, monitored and/or
recorded for legal purposes.
--- xsane-back-gtk.c 2012-01-11 10:11:08.169747300 +0000
+++ xsane-back-gtk.c.mod 2012-01-11 10:16:12.944997900 +0000
@@ -1130,6 +1130,11 @@
}
snprintf(filename, sizeof(filename), "%s%s", chooser_filename,
new_filetype);
}
+ else
+ {
+ strncpy(filename, chooser_filename, sizeof(filename));
+ filename[sizeof(filename) - 1] = '\0';
+ }
if (filechooser_filetype)
{