Mike, thanks for your feedback!

> 1) I don't think it is possible for (i < tiff) to ever occur in the code. Is it?

I was thinking "offset" could even be negative, but I didn't really check the signedness and types of the functions and variables involved. I don't remember any longer if I got a negative in my own gdb testing.

> 2) I think "i>readsize" should actually be "i>=readsize". Right?

Yes, that would be consistent with the while(i<readsize) in the code above. And I guess to be really precise, a real tag sequence would need a certain size so it would already be useless if i>(readsize-certainsize). But given the randomness of "offset" these would be corner cases.

-- 
gthumb[15566]: segfault at 5126c60f eip b7f7bfe6 esp bf9bab08 error 4
https://bugs.launchpad.net/bugs/316017
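Added example, not part of the original message and not gthumb's code: one way to write the three checks discussed above (i < tiff, i >= readsize, and the minimum-size corner case) without relying on signed arithmetic. The names check_offset and MIN_TAG_BYTES, the 14-byte minimum, and the assumption that "offset" is a 32-bit value read from the file are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>

/* Assumed minimum for a usable tag sequence: 2-byte entry count plus one
   12-byte TIFF directory entry. The thread only says "a certain size". */
#define MIN_TAG_BYTES 14u

enum offset_check {
    OFFSET_OK = 0,
    OFFSET_NEGATIVE,  /* would give i < tiff if held in a signed 32-bit int */
    OFFSET_PAST_END,  /* i >= readsize */
    OFFSET_NO_ROOM    /* i > readsize - MIN_TAG_BYTES */
};

/* tiff:       index of the TIFF header inside the buffer
 * raw_offset: untrusted 32-bit offset read from the file
 * readsize:   number of valid bytes in the buffer
 * On OFFSET_OK, *i_out receives the index at which parsing may start. */
enum offset_check check_offset(size_t tiff, uint32_t raw_offset,
                               size_t readsize, size_t *i_out)
{
    if (tiff >= readsize)
        return OFFSET_PAST_END;

    /* Values above INT32_MAX turn negative once stored in a signed int,
       which is the only way i = tiff + offset can end up below tiff. */
    if (raw_offset > (uint32_t)INT32_MAX)
        return OFFSET_NEGATIVE;

    /* Compare against the bytes remaining after tiff instead of adding
       first, so no intermediate sum can wrap. */
    size_t room = readsize - tiff;
    if ((uint64_t)raw_offset >= (uint64_t)room)
        return OFFSET_PAST_END;
    if (room - (size_t)raw_offset < MIN_TAG_BYTES)
        return OFFSET_NO_ROOM;

    *i_out = tiff + (size_t)raw_offset;
    return OFFSET_OK;
}
```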