Re: xsane-0.77 released [PATCHES]

From: Ben Stanley (bds02@uow.edu.au)
Date: Fri May 25 2001 - 08:51:03 PDT

  • Next message: Jochen Eisinger: "New Homepage for mustek_pp backend"

    Oliver Rauch wrote:

    >XSane 0.77 is released.
    >
    Oliver,

    I see that the reporting of errors from preview_increment_image_y will
    still result in preview_read_image_data being called again before the
    scan is aborted. (in the code of xsane 0.77). This error occurs in other
    places in preview_read_image_data() as well (fixed by attached
    recursive-error-error.patch). Remember that calling
    xsane_back_gtk_error() allows preview_read_image_data() to be called
    again (recursively) before the scan is aborted. So the scan must be
    aborted before calling xsane_back_gtk_error(). I fixed all instances of
    this error that I found, but there may be more that I didn't get...

    I think that if the backend sends more data than reported by
    sane_get_parameters(), xsane will still crash and burn... I think this
    should generate an error message and abort the scan instead. A patch for
    this is attached (overflow.patch). I would appreciate someone else
    checking over this patch - I'm not completely sure I got all the sizes
    correct in all cases.

    Ben.


    *** xsane-preview.c.orig Sat May 26 00:18:38 2001
    --- xsane-preview.c Sat May 26 01:20:57 2001
    ***************
    *** 1447,1453 ****
            goto bad_depth;
          }
      
    -
          if (status != SANE_STATUS_GOOD)
          {
            if (status == SANE_STATUS_EOF)
    --- 1447,1452 ----
    ***************
    *** 1491,1496 ****
    --- 1490,1498 ----
              switch (p->params.depth)
              {
                case 8:
    + if( p->image_offset + len > 3*p->image_width * p->image_height ) {
    + goto data_overflow;
    + }
                  for (i = 0; i < len; ++i)
                  {
                    p->image_data_raw[p->image_offset] = buf[i] * 256;
    ***************
    *** 1507,1512 ****
    --- 1509,1517 ----
                  break;
      
                case 16:
    + if( p->image_offset + len/2 > 3*p->image_width * p->image_height ) {
    + goto data_overflow;
    + }
                  for (i = 0; i < len/2; ++i)
                  {
                    p->image_data_raw[p->image_offset] = buf16[i];
    ***************
    *** 1531,1536 ****
    --- 1536,1544 ----
              switch (p->params.depth)
              {
                case 1:
    + if( p->image_offset + len*8*3 > 3*p->image_width * p->image_height ) {
    + goto data_overflow;
    + }
                  for (i = 0; i < len; ++i)
                  {
                    u_char mask = buf[i];
    ***************
    *** 1561,1566 ****
    --- 1569,1577 ----
                 break;
      
                case 8:
    + if( p->image_offset + len*3 > 3*p->image_width * p->image_height ) {
    + goto data_overflow;
    + }
                  for (i = 0; i < len; ++i)
                  {
                    u_char gray = buf[i];
    ***************
    *** 1580,1585 ****
    --- 1591,1599 ----
                 break;
      
                case 16:
    + if( p->image_offset + len*3/2 > 3*p->image_width * p->image_height ) {
    + goto data_overflow;
    + }
                  for (i = 0; i < len/2; ++i)
                  {
                    u_char gray = buf16[i]/256;
    ***************
    *** 1610,1615 ****
    --- 1624,1632 ----
                  switch (p->params.depth)
                  {
                    case 1:
    + if( p->image_offset + len*8*3 > 3*p->image_width * p->image_height ) {
    + goto data_overflow;
    + }
                      for (i = 0; i < len; ++i)
                      {
                        u_char mask = buf[i];
    ***************
    *** 1632,1637 ****
    --- 1649,1657 ----
                     break;
      
                    case 8:
    + if( p->image_offset + len*3 > 3*p->image_width * p->image_height ) {
    + goto data_overflow;
    + }
                      for (i = 0; i < len; ++i)
                      {
                        p->image_data_raw[p->image_offset] = buf[i] * 256;
    ***************
    *** 1646,1651 ****
    --- 1666,1674 ----
                     break;
      
                    case 16:
    + if( p->image_offset + len*3/2 > 3*p->image_width * p->image_height ) {
    + goto data_overflow;
    + }
                      for (i = 0; i < len/2; ++i)
                      {
                        p->image_data_raw[p->image_offset] = buf16[i];
    ***************
    *** 1687,1692 ****
    --- 1710,1721 ----
        snprintf(buf, sizeof(buf), "%s %d.", ERR_PREVIEW_BAD_DEPTH, p->params.depth);
        xsane_back_gtk_error(buf, TRUE);
        preview_scan_done(p);
    + return;
    +
    + data_overflow:
    + snprintf(buf, sizeof(buf), "%s.", ERR_BACKEND_DATA_OVERFLOW );
    + preview_scan_done(p);
    + xsane_back_gtk_error(buf, TRUE);
        return;
      }
      
    *** xsane-text.h.orig Sat May 26 01:08:39 2001
    --- xsane-text.h Sat May 26 01:10:23 2001
    ***************
    *** 488,493 ****
    --- 488,494 ----
      #define ERR_FAILED_ALLOCATE_IMAGE _("Failed to allocate image memory:")
      #define ERR_PREVIEW_BAD_DEPTH _("Preview cannot handle bit depth")
      #define ERR_GIMP_SUPPORT_MISSING _("GIMP support missing")
    + #define ERR_BACKEND_DATA_OVERFLOW _("Backend sent more data than it said it would (protocol error)")
      
      #define ERR_CREATE_PREVIEW_FILE _("Could not create temporary preview files")
      #define ERR_CREATE_PREVIEW_FILENAME _("Could not create filenames for preview files")


    *** xsane-preview.c.orig Sat May 26 00:18:38 2001
    --- xsane-preview.c Sat May 26 01:26:54 2001
    ***************
    *** 1386,1393 ****
          if ( (!p->image_data_enh) || (!p->image_data_raw) )
          {
            snprintf(buf, sizeof(buf), "%s %s.", ERR_FAILED_ALLOCATE_IMAGE, strerror(errno));
    - xsane_back_gtk_error(buf, TRUE);
            preview_scan_done(p);
            return -1;
          }
          memset(p->image_data_enh + offset, 0xff, extra_size);
    --- 1386,1393 ----
          if ( (!p->image_data_enh) || (!p->image_data_raw) )
          {
            snprintf(buf, sizeof(buf), "%s %s.", ERR_FAILED_ALLOCATE_IMAGE, strerror(errno));
            preview_scan_done(p);
    + xsane_back_gtk_error(buf, TRUE);
            return -1;
          }
          memset(p->image_data_enh + offset, 0xff, extra_size);
    ***************
    *** 1474,1482 ****
            else
            {
              snprintf(buf, sizeof(buf), "%s %s.", ERR_DURING_READ, XSANE_STRSTATUS(status));
              xsane_back_gtk_error(buf, TRUE);
            }
    - preview_scan_done(p);
            return;
          }
      
    --- 1474,1482 ----
            else
            {
              snprintf(buf, sizeof(buf), "%s %s.", ERR_DURING_READ, XSANE_STRSTATUS(status));
    + preview_scan_done(p);
              xsane_back_gtk_error(buf, TRUE);
            }
            return;
          }
      
    ***************
    *** 1685,1692 ****
      
      bad_depth:
        snprintf(buf, sizeof(buf), "%s %d.", ERR_PREVIEW_BAD_DEPTH, p->params.depth);
    - xsane_back_gtk_error(buf, TRUE);
        preview_scan_done(p);
        return;
      }
      
    --- 1685,1692 ----
      
      bad_depth:
        snprintf(buf, sizeof(buf), "%s %d.", ERR_PREVIEW_BAD_DEPTH, p->params.depth);
        preview_scan_done(p);
    + xsane_back_gtk_error(buf, TRUE);
        return;
      }
      

    --
    Source code, list archive, and docs: http://www.mostang.com/sane/
    To unsubscribe: echo unsubscribe sane-devel | mail majordomo@mostang.com
    



    This archive was generated by hypermail 2b29 : Fri May 25 2001 - 08:53:46 PDT