although I think that those other issues you've mentioned are not related to this bug, fixes for those are in patch you can find attached
-- Yaroslav Halchenko Research Assistant, Psychology Department, Rutgers-Newark Student Ph.D. @ CS Dept. NJIT Office: (973) 353-5440x263 | FWD: 82823 | Fax: (973) 353-1171 101 Warren Str, Smith Hall, Rm 4-105, Newark NJ 07102 WWW: http://www.linkedin.com/in/yarik
diff -x changelog -Naur nifticlib-0.6/fsliolib/fslio.c nifticlib-0.6.modified/fsliolib/fslio.c --- nifticlib-0.6/fsliolib/fslio.c 2007-11-05 11:25:40.000000000 -0500 +++ nifticlib-0.6.modified/fsliolib/fslio.c 2007-11-05 10:52:13.000000000 -0500 @@ -198,13 +198,16 @@ int retval=-1; if (fname==NULL) return retval; flen = strlen(fname); + /* [EMAIL PROTECTED] had to group conditions to avoid possible + * illegal memory read-ins */ if (flen<5) return retval; /* smallest name + extension is a.nii */ if (strcmp(fname + flen - 4,".nii")==0) retval=FSL_TYPE_NIFTI; - if (strcmp(fname + flen - 7,".nii.gz")==0) retval=FSL_TYPE_NIFTI_GZ; if (strcmp(fname + flen - 4,".mnc")==0) retval=FSL_TYPE_MINC; - if (strcmp(fname + flen - 7,".mnc.gz")==0) retval=FSL_TYPE_MINC; if (strcmp(fname + flen - 4,".hdr")==0) retval=FSL_TYPE_NIFTI_PAIR; if (strcmp(fname + flen - 4,".img")==0) retval=FSL_TYPE_NIFTI_PAIR; + if ((retval==-1) && (flen<8)) return retval; /* small name + ext.gz is a.nii.gz */ + if (strcmp(fname + flen - 7,".nii.gz")==0) retval=FSL_TYPE_NIFTI_GZ; + if (strcmp(fname + flen - 7,".mnc.gz")==0) retval=FSL_TYPE_MINC; if (strcmp(fname + flen - 7,".hdr.gz")==0) retval=FSL_TYPE_NIFTI_PAIR_GZ; if (strcmp(fname + flen - 7,".img.gz")==0) retval=FSL_TYPE_NIFTI_PAIR_GZ; if ( (retval==FSL_TYPE_NIFTI_PAIR) || (retval==FSL_TYPE_NIFTI_PAIR_GZ) ) { @@ -290,10 +293,10 @@ basename = nifti_makebasename(fname); blen = strlen(basename); #ifdef HAVE_ZLIB - if (strcmp(basename + blen-7,".mnc.gz") == 0) + if ((blen>7) && (strcmp(basename + blen-7,".mnc.gz") == 0)) { basename[blen-7]='\0'; return basename; } #endif - if (strcmp(basename + blen-4,".mnc") == 0) + if ((blen>4) && (strcmp(basename + blen-4,".mnc") == 0)) { basename[blen-4]='\0'; return basename; } return basename; }