David Sharp wrote:
On 9/24/05, Sebastian Dransfeld <[EMAIL PROTECTED]> wrote:
David Sharp wrote:
something to do with icons not being there.. anyway, it's a one-liner fix.
fake diff:
ecore_x_netwm.c:654
- if(icon)
+ if(icon && *icon)
memcpy(*icon, &(data[2]), len * sizeof(unsigned int));
This shouldn't be possible. If (icon) is true, then we do malloc, and if
the malloc fails we return.
yes you are right. saw the size check you added. in fact, this is
exactly the problem. It seems the app (this can probably be blamed on
wxWidgets, b/c the app uses that) is not setting the icon property
correctly, only setting width, but not height, so ARGB data starts at
data[1]. the sanity check you added is not quite sufficient though,
since in this case, len < 0 (data[1] is 0xff alpha, and therefore
negative). either cast len to unsigned, or check for len < 0 as well.
Though, you could also then try guessing the height like this:
if( ((num_ret-1) % width)==0) // num_ret-1 b/c we are guessing
width is missing.
height = (num_ret)-1/width;
assuming you have vars for width and height.. you would also have to
start copying from data+1, not data+2.
Now we check:
1. Do we have two elements.
2. Multiply element 1 and 2, since they are unsigned, we get a number >
0. Check if the number is greater than the amount of data we get.
This may return a weird result, but it shouldn't be possible to segv.
Sebastian
-------------------------------------------------------
SF.Net email is sponsored by:
Tame your development challenges with Apache's Geronimo App Server. Download
it for free - -and be entered to win a 42" plasma tv or your very own
Sony(tm)PSP. Click here to play: http://sourceforge.net/geronimo.php
_______________________________________________
enlightenment-devel mailing list
enlightenment-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/enlightenment-devel
