Because it is unclear how to decide what is an acceptable image size and what is too big.
> Why just not inspect file header, as I commented in STR? > > On 11/05/2012 02:51 PM, Manolo Gouy wrote: > >>> Fixing STR #2881 (Check image bounds before allocation) requires > >>> to check for failed memory allocation. Without exception handling, > >>> I believe the only way to do it is: > >>> = > >> > >>> #include <new> > >>> ... > >>> array = new(std::nothrow) char[xxx]; > >>> if (!array) longjmp(xxx, 1); > >>> = > >> > >>> which violates the CMP because it uses the standard library and > >>> the std namespace. > >>> = > >> > >>> What should we do? > >> > >> > >> Can we just use malloc instead of new, then check whether we get a NULL > >> pointer or not? > > > > Yes, but this would require to rewrite the deallocating code to use > > free() instead of delete, and make sure every possible instance is > > changed. > > > _______________________________________________ fltk-dev mailing list fltk-dev@easysw.com http://lists.easysw.com/mailman/listinfo/fltk-dev