Comments (2)
dxli
commented on June 16, 2024
Amazing, this is a serious bug from the very beginning.
It was clearly a potential buffer overflow as the assertion as identified, so previous, the bug was there, but as there was no assertion, so not identified.
The bug is also quite clear:
- The string length is assigned to a variable "ls";
- The string is allowed to be trimmed from back, but "ls" is not updated, so potentially larger than the string length;
- The string is now trimmed from front, now, with an assumed length "ls", which is larger, so the comparison goes beyond the buffer size, and potentially causing writing beyond the string size.
It has been running properly so far, because the QString buffer is probably not immediately reduced after trimming in step 2, but it's still considered an undefined behavior.
from librecad.
dxli
commented on June 16, 2024
The issue is so serious, I also pushed the fix to the 2.2.1 release candidate branch
from librecad.
Related Issues (20)
- Error: Import Error: error opening DXF/DWG file HOT 12
- Print Preview Toolbar not closing
- Please don't tag RC/pre releases with the same tag pattern as releases HOT 4
- Move and Copy commands should be two different commands HOT 6
- program startup error HOT 15
- Hatch and construction layer HOT 1
- Incorrect polyline "closed" property editing via properties dialog HOT 1
- Entry Point Not Found HOT 3
- LC_ActionLayersExport: Mark messages for translation
- Request to add a simple resize tool. HOT 13
- double free or corruption (out) HOT 2
- Strange drawing painting in QT6-based version? HOT 2
- Error 50 in drawing header in AutoDesk Viewer HOT 2
- Crash during reading LFF fonts HOT 13
- MTEXT alignment is broken HOT 1
- Weird Screen->Drawing coordinates mapping with shift (QT6, master) HOT 3
- Delete an overlapped node (vertex) HOT 2
- 從現有的線段創建聚合線指令 此功能能否框選所有的雲行線後一次全部連接 HOT 1
- Solid hatch does not cover some elements even if it is pushed to top with Order HOT 5
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from librecad.