File transfig-03ea4578.patch of Package transfig.12287
commit 03ea4578258d2d9ca1ceb080e469ad261db39ef0
Author: Thomas Loimer <thomas.loimer@tuwien.ac.at>
Date: Fri Jul 26 23:25:50 2019 +0200
Allow circle arrowheads when mag >= 42, ticket #52
Circle and half-circle arrowheads would be drawn with 40 + mag/4 points by
calc_arrow() in bound.c. However, the point arrays passed to calc_arrow()
would only contain 50 points. With a magnification >= 42, a buffer overrun
would occur. Simply use 40 points, independent of magnification.
---
fig2dev/bound.c | 6 +++---
fig2dev/read1_3.c | 14 ++++++++------
2 files changed, 11 insertions(+), 9 deletions(-)
--- fig2dev/bound.c
+++ fig2dev/bound.c 2019-08-15 07:06:42.609509358 +0000
@@ -905,7 +905,7 @@ calc_arrow(int x1, int y1, int x2, int y
/*
* CIRCLE and HALF-CIRCLE arrowheads
*
- * We approximate circles with (40+zoom)/4 points
+ * We approximate circles with 40 points
*/
double maxx;
double fix_x, fix_y, xs, ys;
@@ -936,8 +936,8 @@ calc_arrow(int x1, int y1, int x2, int y
dy = my - ys;
fix_x = xs + (dx / 2.0);
fix_y = ys + (dy / 2.0);
- /* choose number of points for circle - 40+mag/4 points */
- *npoints = np = round(mag/4.0) + 40;
+ /* choose number of points for circle */
+ *npoints = np = 40;
if (type == 5) {
/* full circle */
--- fig2dev/read1_3.c
+++ fig2dev/read1_3.c 2019-08-15 07:06:42.609509358 +0000
@@ -211,13 +211,14 @@ read_compoundobject(FILE *fp)
&com->secorner.x, &com->secorner.y);
if (n != 4) {
put_msg("Incorrect compound object format");
+ free(com);
return(NULL);
}
while (fscanf(fp, "%d", &object) == 1) {
switch (object) {
case OBJ_POLYLINE :
if ((l = read_lineobject(fp)) == NULL) {
- free_line(&l);
+ free_compound(&com);
return(NULL);
}
if (ll)
@@ -227,7 +228,7 @@ read_compoundobject(FILE *fp)
break;
case OBJ_SPLINE :
if ((s = read_splineobject(fp)) == NULL) {
- free_spline(&s);
+ free_compound(&com);
return(NULL);
}
if (ls)
@@ -237,7 +238,7 @@ read_compoundobject(FILE *fp)
break;
case OBJ_ELLIPSE :
if ((e = read_ellipseobject(fp)) == NULL) {
- free_ellipse(&e);
+ free_compound(&com);
return(NULL);
}
if (le)
@@ -247,7 +248,7 @@ read_compoundobject(FILE *fp)
break;
case OBJ_ARC :
if ((a = read_arcobject(fp)) == NULL) {
- free_arc(&a);
+ free_compound(&com);
return(NULL);
}
if (la)
@@ -257,7 +258,7 @@ read_compoundobject(FILE *fp)
break;
case OBJ_TEXT :
if ((t = read_textobject(fp)) == NULL) {
- free_text(&t);
+ free_compound(&com);
return(NULL);
}
if (lt)
@@ -267,7 +268,7 @@ read_compoundobject(FILE *fp)
break;
case OBJ_COMPOUND :
if ((c = read_compoundobject(fp)) == NULL) {
- free_compound(&c);
+ free_compound(&com);
return(NULL);
}
if (lc)
@@ -287,6 +288,7 @@ read_compoundobject(FILE *fp)
#else
put_msg("Format error.");
#endif
+ free_compound(&com);
return(NULL);
}
}
