Number: 52
Title: Bugs in EPSF shapes
Submitter: Antti Huima
Date: Mon Oct 1 08:16:26 2001
Subsys: Dot
Version: 1.7.7/CVS 2001/10/01
System: *-*-
Severity: major
Problem:
There are two bugs related to the "EPSF shapes" in dot.
(1) When EPS files are read in the strings that represent them in memory are
not NUL-terminated although code later assumes so. Causes core dumps.
(2) Dimensions are incorrectly swapped at one point in code
which causes invalid layout decisions.
I've included fixes.
Fix:
Bug 1:
In epsf_init, change
contents = EPSF_contents[i] = malloc(statbuf.st_size);
to
contents = EPSF_contents[i] = malloc(statbuf.st_size + 1);
Add the line:
contents[statbuf.st_size] = '0';
after the call to "fread".
Bug 2:
Change the last line of epsf_inside in shapes.c to read:
return ((P.y >= -x2) && (P.y <= x2)
&& (P.x >= -n->u.lw) && (P.x <= n->u.rw));
Owner: north
Status: Fixed