> On Jun 25, 2015, at 5:16 AM, Wayne Stambaugh <stambau...@gmail.com> wrote:
> 
> Chris,
> 
> Thanks for the patch.  I just want to let you know that this is one of
> those likely to be short lived patches.  After the stable release, one
> of my first orders of business will be to write proper I/O management
> code similar to what we have for Pcbnew.  It will use code in
> richio.h/.cpp for parsing and formatting which takes care of the memory
> allocation issues.
> 
> Wayne

Wayne,

While you may consider it to be a short-term patch because the plan is to fix 
the root cause of the issues, we all know that a stable release will be the one 
that most of the regular users stick with for a long time, at least to the next 
stable release.

So the fix is a Good Thing and will hopefully eliminate some bug reports and 
user complaints.

-a


> 
> On 6/25/2015 12:37 AM, Chris Pavlina wrote:
>> Eeschema is _full_ of sscanf buffer overflow vulnerabilities, in almost 
>> every ::Load. This patch adds the proper field width specifiers to 
>> prevent the buffers from being smashed by an invalid or malicious input.
>> 
>> --
>> Chris
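
The field-width fix described in the quoted message above, as an added example that is not part of this thread or of the KiCad patch. The record layout, `NAME_LEN` and `parse_record` are hypothetical and do not reflect Eeschema's file format; the example also checks for the silent truncation that a width specifier introduces.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

#define NAME_LEN 16   /* buffer size, including the terminating NUL */

/* Parse a constructed record of the form "<name> <x> <y>".
 *
 * Unbounded form, shown only as a comment because it writes past `name`
 * as soon as the token is 16 characters or longer:
 *     sscanf(line, "%s %d %d", name, x, y);
 *
 * Returns 0 on success, -1 on malformed input, -2 if the name token
 * does not fit in the buffer.
 */
int parse_record(const char *line, char name[NAME_LEN], int *x, int *y)
{
    int used = 0;

    /* %15s stores at most 15 characters plus the NUL: width = size - 1.
     * %n records how many input characters were consumed so far. */
    if (sscanf(line, "%15s%n", name, &used) != 1)
        return -1;

    /* The width bounds the write, not the token. If the next input
     * character is not whitespace or end of string, the token was cut
     * short and the remainder would be misread as the next field. */
    if (line[used] != '\0' && !isspace((unsigned char)line[used]))
        return -2;

    if (sscanf(line + used, "%d %d", x, y) != 2)
        return -1;
    return 0;
}

int main(void)
{
    char name[NAME_LEN];
    int x = 0, y = 0;
    const char *ok = "R1 100 200";                             /* constructed */
    const char *bad = "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA 1 2";  /* constructed */

    printf("ok:  %d\n", parse_record(ok, name, &x, &y));
    printf("bad: %d\n", parse_record(bad, name, &x, &y));
    return 0;
}
```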


_______________________________________________
Mailing list: https://launchpad.net/~kicad-developers
Post to     : kicad-developers@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kicad-developers
More help   : https://help.launchpad.net/ListHelp
