>Number:         25636
>Category:       pkg
>Synopsis:       gdk-pixbuf of x11/gtk2 can't load ASCII PNM image
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    pkg-manager
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Wed May 19 11:21:00 UTC 2004
>Closed-Date:
>Last-Modified:
>Originator:     Kouichirou Hiratsuka
>Release:        NetBSD 2.0_BETA
>Organization:
>Environment:
System: NetBSD firefly.localdomain 2.0_BETA NetBSD 2.0_BETA (FIREFLY.MP) #7: Sun May 16 01:33:45 JST 2004 root@firefly.localdomain:/usr/src/sys/arch/i386/compile/FIREFLY.MP i386
Architecture: i386
Machine: i386
>Description:
	The gdk-pixbuf of x11/gtk2 can't load ASCII PNM image correctly.  When
	it reads pixel value from a file, it accesses to a next of end of
	buffer at line 240 of gdk-pixbuf/io-pnm.c.

	I reported this problem to GNOME Bugzilla and sent a patch.  Then it
	was applied to gtk-2-4 branch of gtk+.

>How-To-Repeat:
	cd ${PKGSRCDIR}/graphics/gqview
	make && make install
	gqview (view ASCII PNM image)

>Fix:
	Add this patch to x11/gtk2.

--- gdk-pixbuf/io-pnm.c.orig	2004-05-15 21:41:30.000000000 +0900
+++ gdk-pixbuf/io-pnm.c	2004-05-15 23:13:58.000000000 +0900
@@ -237,7 +237,7 @@
 	*word = '\0';
 	
 	/* hmmm, there must be more data to this 'word' */
-	if (!g_ascii_isspace (*p) && (*p != '#')  && (p - inptr < 128))
+	if (p == inend || (!g_ascii_isspace (*p) && (*p != '#') && (p - inptr < 128)))
 	    return PNM_SUSPEND;
 	
 	/* get the value */
	
>Release-Note:
>Audit-Trail:
>Unformatted: