3 Oct 2005, 3:58 a.m.
Versions of Inkscape before 2005-07-27 (apparently including 0.41) include this code in style.cpp:
    sp_style_merge_from_style_string (SPStyle *style, const gchar *p)
    {
        gchar property [BMAX];
        gchar value [BMAX];
and subsequently do an unchecked memcpy into one or other of them.
If we want to prepare a minimal fix for 0.41 rather than urging upgrading to 0.42, then we shouldn't just use the 2005-07-27 change (viz. using libcroco), but, say, strdup or realloc.
Is it indeed desired to make a backport?
pjrm.
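
An added sketch of the heap-based approach the message suggests (strdup-style copies sized to the input instead of fixed `BMAX` stack arrays); this is not Inkscape's code. `dup_range`, `style_get` and `long_value_len` are hypothetical names, and the "prop:value;prop:value" input format is an assumption.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Copy s[0..n) into a heap string sized to the input, not to a fixed BMAX. */
static char *dup_range(const char *s, size_t n)
{
    char *out = malloc(n + 1);
    if (out) { memcpy(out, s, n); out[n] = '\0'; }
    return out;
}

/* Return a heap copy of the value of `name` in "prop:value;prop:value",
 * or NULL if absent or out of memory. Caller frees. (Hypothetical helper.) */
char *style_get(const char *p, const char *name)
{
    size_t name_len = strlen(name);
    while (*p) {
        const char *end = strchr(p, ';');
        if (!end) end = p + strlen(p);
        const char *colon = memchr(p, ':', (size_t)(end - p));
        if (colon && (size_t)(colon - p) == name_len && !memcmp(p, name, name_len))
            return dup_range(colon + 1, (size_t)(end - colon - 1));
        p = (*end == ';') ? end + 1 : end;   /* items without ':' are skipped */
    }
    return NULL;
}

/* Constructed input: a "fill" value of n bytes, then "stroke:blue".
 * Returns the length of the value recovered for "fill". */
size_t long_value_len(size_t n)
{
    char *style = malloc(n + 32), *value;
    size_t len;
    if (!style) return 0;
    memcpy(style, "fill:", 5);
    memset(style + 5, 'A', n);
    strcpy(style + 5 + n, ";stroke:blue");
    value = style_get(style, "fill");
    len = value ? strlen(value) : 0;
    free(value); free(style);
    return len;
}

int main(void)
{
    printf("long=%zu\n", long_value_len(100000));
    return 0;
}
```

Because every copy is allocated from the measured token length, an oversized property or value costs memory rather than overrunning a stack array.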