First of all, Thanks for this wonderful editor. I use it from the times of turbo-C.
I have found a probable source of trouble with the function utf8_encode. Negative values are incorrectly managed and there is a possibility of buffer overrun or null pointer dereferencing.
I would like to contribute a patch for solving this, but as it will be rather big, I would like to know if you would accept it before doing it.
I am very interested in the stability of joe, because I use it for editing my own programs.
Antonio Diaz, GNU Ocrad author and maintainer.
Nobody should be passing negative numbers to utf8_encode- if you've found some code which is doing this, please point to it (or send a patch). I will certainly accept patches for actual bugs.
I don't see how utf8_encode would cause a buffer overrun even with an incorrect argument.
You should join the mailing list- most of the action takes place there.
Log in to post a comment.