Return to BSD News archive
Xref: sserve comp.windows.x.apps:6489 comp.windows.x.i386unix:10867 comp.os.386bsd.apps:1308
Path: sserve!newshost.anu.edu.au!harbinger.cc.monash.edu.au!msuinfo!agate!usenet.ins.cwru.edu!ns.mcs.kent.edu!borsburn
From: borsburn@mcs.kent.edu (Bret Orsburn)
Newsgroups: comp.windows.x.apps,comp.windows.x.i386unix,comp.os.386bsd.apps
Subject: Bug in XPaint 2.1.1 Release
Date: 31 Jul 1994 20:39:26 GMT
Organization: Kent State University
Lines: 63
Distribution: world
Message-ID: <31h25u$cpr@ns.mcs.kent.edu>
NNTP-Posting-Host: condor.mcs.kent.edu
XPaint 2.1.1 contains a bug that results in stack corruption. The mode of
failure is dependent on the compiler and level of optimization.
The following diff corrects the problem (typo fix thrown in gratis :-).
I've cross-posted this to some 386 groups because this bug causes the
xpaint_bin package on freebsd.cdrom.com (and elsewhere) to dump core.
Repeat by: try to "Change Size" from the "Image" menu. (May not fail,
depending on the object code generated by your compiler.)
Failure is because Dimension is type unsigned short but resource types
XtNdrawWidth and XtNdrawHeight are type int. XtVaGetValues is called
(in size.c okSizeCallback) with pointers to stack variables that are
too small:
if (arg->paint != None)
XtVaGetValues(arg->paint, XtNdrawWidth, &width,
XtNdrawHeight, &height,
NULL);
--------------------------------<cut here>-------------------------------------
*** .orig/size.c Sun Jul 31 14:37:02 1994
--- size.c Sun Jul 31 15:20:47 1994
***************
*** 59,65 ****
{
arg_t *arg = (arg_t *)argArg;
TextPromptInfo *info = (TextPromptInfo *)infoArg;
! Dimension width, height;
arg->w = atoi(info->prompts[0].rstr);
arg->h = atoi(info->prompts[1].rstr);
--- 59,65 ----
{
arg_t *arg = (arg_t *)argArg;
TextPromptInfo *info = (TextPromptInfo *)infoArg;
! int width, height;
arg->w = atoi(info->prompts[0].rstr);
arg->h = atoi(info->prompts[1].rstr);
***************
*** 78,84 ****
} else if (arg->paint == None) {
arg->func(arg->widget, arg->w, arg->h, arg->z);
} else if (arg->w != width || arg->h != height) {
! AlertBox(GetShell(arg->paint), "Warning this operation is cannot be undone\nContinue?",
sureCallback, cancelSizeCallback, arg);
/* don't free */
return;
--- 78,84 ----
} else if (arg->paint == None) {
arg->func(arg->widget, arg->w, arg->h, arg->z);
} else if (arg->w != width || arg->h != height) {
! AlertBox(GetShell(arg->paint), "Warning this operation cannot be undone\nContinue?",
sureCallback, cancelSizeCallback, arg);
/* don't free */
return;
--------------------------------<cut here>-------------------------------------
Bret Orsburn
borsburn@mcs.kent.edu