[Lcms-user] reading ColorantTable: extra bytes in buffer?
An ICC-based CMM for color management
Brought to you by:
mm2
Menu
▾
▴
[Lcms-user] reading ColorantTable: extra bytes in buffer?
|
From: Andrew B. <bae...@gm...> - 2013-03-14 09:54:24
|
Hello Marti, I have a question regarding Type_ColorantTable_Read() routine (cmstypes.c) There is a buffer 'Name' of 34 bytes, which is used to read the colorant name field. We read 32 bytes from input and then set 33th byte to zero as a null terminator. The ICC spec defines the colorant name field as 32-byte field, null terminated. If input data contains null-terminated name, everything is fine. However, if it is not null-terminated for some reason (say, corrupted profile), then we may get an arbitrary value in 32th byte of the colorant name, what probably can cause a problem during future processing. My question is: do we really need extra bytes in the 'Name' buffer? May I suggest to use 32-byte buffer, and 31th byte as a null-terminator? A patch is attached. Thanks, Andrew |
