From mboxrd@z Thu Jan  1 00:00:00 1970
Path: news.gmane.io!.POSTED.blaine.gmane.org!not-for-mail
From: Po Lu via "Bug reports for GNU Emacs,
 the Swiss army knife of text editors" <bug-gnu-emacs@gnu.org>
Newsgroups: gmane.emacs.bugs
Subject: bug#72245: [PATCH] Fix integer overflow when reading XPM
Date: Tue, 23 Jul 2024 12:45:44 +0800
Message-ID: <87bk2oyavb.fsf@yahoo.com>
References: <CADwFkmmJBqJ7JcgcPrRkEaWhGd6GCnF2OdJ5aCVxQe_7zTt6Zw@mail.gmail.com>
 <s54o76oooae.fsf@yahoo.com>
 <CADwFkmnbt2xGfZ+J4i4x=hBxNAiCJg80_hSMy8Yafe9EPNoEBA@mail.gmail.com>
 <87frs0ydv6.fsf@yahoo.com>
 <CADwFkmkDDtfrc=ciXnbi6qQ0G7R=x7TeoO6mipWrt+e6Dhk43A@mail.gmail.com>
Reply-To: Po Lu <luangruo@yahoo.com>
Mime-Version: 1.0
Content-Type: text/plain
Injection-Info: ciao.gmane.io; posting-host="blaine.gmane.org:116.202.254.214";
	logging-data="17537"; mail-complaints-to="usenet@ciao.gmane.io"
User-Agent: Gnus/5.13 (Gnus v5.13)
Cc: 72245@debbugs.gnu.org
To: Stefan Kangas <stefankangas@gmail.com>
Original-X-From: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane-mx.org@gnu.org Tue Jul 23 06:47:30 2024
Return-path: <bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane-mx.org@gnu.org>
Envelope-to: geb-bug-gnu-emacs@m.gmane-mx.org
Original-Received: from lists.gnu.org ([209.51.188.17])
	by ciao.gmane.io with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
	(Exim 4.92)
	(envelope-from <bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane-mx.org@gnu.org>)
	id 1sW7Qw-0004So-JU
	for geb-bug-gnu-emacs@m.gmane-mx.org; Tue, 23 Jul 2024 06:47:30 +0200
Original-Received: from localhost ([::1] helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <bug-gnu-emacs-bounces@gnu.org>)
	id 1sW7QY-0001jX-F4; Tue, 23 Jul 2024 00:47:06 -0400
Original-Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <Debian-debbugs@debbugs.gnu.org>)
 id 1sW7QS-0001NH-Ce
 for bug-gnu-emacs@gnu.org; Tue, 23 Jul 2024 00:47:05 -0400
Original-Received: from debbugs.gnu.org ([2001:470:142:5::43])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128)
 (Exim 4.90_1) (envelope-from <Debian-debbugs@debbugs.gnu.org>)
 id 1sW7QQ-0007cG-L0
 for bug-gnu-emacs@gnu.org; Tue, 23 Jul 2024 00:47:00 -0400
Original-Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2)
 (envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1sW7QU-0001fs-DP
 for bug-gnu-emacs@gnu.org; Tue, 23 Jul 2024 00:47:02 -0400
X-Loop: help-debbugs@gnu.org
Resent-From: Po Lu <luangruo@yahoo.com>
Original-Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
Resent-CC: bug-gnu-emacs@gnu.org
Resent-Date: Tue, 23 Jul 2024 04:47:02 +0000
Resent-Message-ID: <handler.72245.B72245.17217099756369@debbugs.gnu.org>
Resent-Sender: help-debbugs@gnu.org
X-GNU-PR-Message: followup 72245
X-GNU-PR-Package: emacs
X-GNU-PR-Keywords: patch
Original-Received: via spool by 72245-submit@debbugs.gnu.org id=B72245.17217099756369
 (code B ref 72245); Tue, 23 Jul 2024 04:47:02 +0000
Original-Received: (at 72245) by debbugs.gnu.org; 23 Jul 2024 04:46:15 +0000
Original-Received: from localhost ([127.0.0.1]:58937 helo=debbugs.gnu.org)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
 id 1sW7Pj-0001eY-1a
 for submit@debbugs.gnu.org; Tue, 23 Jul 2024 00:46:15 -0400
Original-Received: from sonic312-25.consmr.mail.ne1.yahoo.com ([66.163.191.206]:34948)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <luangruo@yahoo.com>) id 1sW7Pc-0001e4-At
 for 72245@debbugs.gnu.org; Tue, 23 Jul 2024 00:46:13 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048;
 t=1721709957; bh=xPUH7I52otZPJkuMUr3bNQwih0G2Rbkx1vxCZh9f5/g=;
 h=From:To:Cc:Subject:In-Reply-To:References:Date:From:Subject:Reply-To;
 b=XN2H3n2+TCONBAdyIi/9SvYneHQ/mBYd8XDTxmhUlIMVZNVWntQr/2k2q1ty1q/rkC8owyls0KwOuhl4xfexr3rf1vqttuQHg5777n0VRbqQ2QWN/7AzIeq3C4+svcitWjbp6yGsKVWElQUkvsl8bY+5HUzm8jmfIbyHBIvvLbsQ/coKTiSss23clLENhJUHObds1rreRzot/Rp9001Cvu7FNaUn5/3JgX/lxmNtQQ/5+1D4s1L1uq10g4BqkR42qBe/pct6NwMagQa32AKCFYYDU+qDCMYlzgKEwTZp5cTELCsQLdITdNmq6Fg+Z6XpXSWCRT2mgSmvd85JiUfS6A==
X-SONIC-DKIM-SIGN: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; 
 t=1721709957;
 bh=13+dcZ3hF1+ofoLLDw1sv/XDFJuH9gOZ9v50KWsU1kR=; 
 h=X-Sonic-MF:From:To:Subject:Date:From:Subject;
 b=MZFyEpQyatDrj5YfsPqruHVwaoqkrMY+v8ifCnQhw9RriokH9PQmMm7M53x3+Ae57yblF577k2i/GtHSJRhQeu4GCzTt0OZSHcUHmZ9uifq17SVqxrr5mUItLgHW+g2aG6roHDLo29GJx2+AtF6l5lpZqJQsvqQcpdKTIDH/M8pdbz+3eOffGMBMrAsL8T0QsX50TvcQ4r4HG+BV93D4GD759+CxcVZseKqsfPa6XKv8nJHcmfikbDYFPbzgN1s+utth7EavPAVURQoSFj/W5aW9MzsVbJouCqE5xLdmjQeD9H+euwEwN9RdKHfwUv5IzpIytTcmKXcC6dKNJhkm/A==
X-YMail-OSG: GCYG.2sVM1ltCUzvyATWwl0nVaGeC.jpXNaK92TIa0eCX2GTmN5tfVbv9eM1Ht6
 uTztLLL1_7V8BQy.U2MPMTPSE5s6ykn6BhWCIvcI8yDRFUbgdJobUtTvsrPqsWge64EdwGg0Yr3N
 7AAAHSMIm6viFqyOK47noq5HjKKBotIfrWy8KwjefPXmkW8rXuR3EjjVx2hgAciWuL0rFE_2XOI_
 bLObDGlCZG5JLHPVT2iPf2rq2nvRwpxTp5AN_hnva_S6Dh.v7FrtpyGFjXPRVG8tb.CSzTnifQwo
 F6xnv4K8R7ZGit7aFD9Sqw1P61u632sO8P2FSZJrHEfABe3S3LBYlgKTkKQ.7xwZXbr0gNCUgwoe
 foCmrsZZVsHgImdNmejehvVEw06X1YHFBu.qN2Yla3XyXh0MpMXpiuUxTIX_73X5YWFG_.B.BPeQ
 .Np.rK2u_KjGo09efC4NsdARhE2iT.GaWYbduzdrRkffy8foUic6k1zxMpi8znjUoixY_nty9Crn
 .dPHtl9V5bcdwObfxPLB_wrlBXPTAwGVh_ZaakG3lXKMyadaCd6nLu0EEdh9wt86HwbSsJPlKOl9
 vhoYir_uMotHUSlkzly_mrb.1Fw4bVhYKuU8f8Nms_wd6uynww6eUXy2xJ6YLwqwOhQ0_uv.C7KN
 eXd8Z3pe_k_9Sw9LhUOg5WOdF3ZXG9dxlsLz8PW_x64Tu4Npd2ph7XlgocGJ0Qg9pEJpbIAvetA4
 fMMB4XcJbI2yfH6kOXEUsPOe5t4Xc83aHkVOKYgp85Yt2vyvAo2nCKk.Y61__hkg6WMsjrT74H5_
 KcqzjUImF88SXigOhibqep7Ezy0mbGM.z3ifyrDBNs 
X-Sonic-MF: <luangruo@yahoo.com>
X-Sonic-ID: 3d98326b-ac00-4711-974f-77e2fa5252ec
Original-Received: from sonic.gate.mail.ne1.yahoo.com by
 sonic312.consmr.mail.ne1.yahoo.com with HTTP; Tue, 23 Jul 2024 04:45:57 +0000
Original-Received: by hermes--production-sg3-85fdb5cfc8-gthtg (Yahoo Inc. Hermes SMTP
 Server) with ESMTPA ID b819abdd08ed92135e61e0019dcebbf0; 
 Tue, 23 Jul 2024 04:45:51 +0000 (UTC)
In-Reply-To: <CADwFkmkDDtfrc=ciXnbi6qQ0G7R=x7TeoO6mipWrt+e6Dhk43A@mail.gmail.com>
 (Stefan Kangas's message of "Mon, 22 Jul 2024 21:12:44 -0700")
X-Mailer: WebService/1.1.22501
 mail.backend.jedi.jws.acl:role.jedi.acl.token.atz.jws.hermes.yahoo
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
X-BeenThere: bug-gnu-emacs@gnu.org
List-Id: "Bug reports for GNU Emacs,
 the Swiss army knife of text editors" <bug-gnu-emacs.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/bug-gnu-emacs>,
 <mailto:bug-gnu-emacs-request@gnu.org?subject=unsubscribe>
List-Archive: <https://lists.gnu.org/archive/html/bug-gnu-emacs>
List-Post: <mailto:bug-gnu-emacs@gnu.org>
List-Help: <mailto:bug-gnu-emacs-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/bug-gnu-emacs>,
 <mailto:bug-gnu-emacs-request@gnu.org?subject=subscribe>
Errors-To: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane-mx.org@gnu.org
Original-Sender: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane-mx.org@gnu.org
Xref: news.gmane.io gmane.emacs.bugs:289139
Archived-At: <http://permalink.gmane.org/gmane.emacs.bugs/289139>

Stefan Kangas <stefankangas@gmail.com> writes:

> Po Lu <luangruo@yahoo.com> writes:
>
>> Otherwise I can find no reason to substantially reinvent the wheel and
>> complicate image.c with a pedantic 10-line function for reading
>> numbers with overflow checking, implementations of which already
>> abound in that file in one shape or another.
>
> Thanks, but this diatribe doesn't really help.  If you think you can do
> a better job, then fine by me.  Please show us the patch.

I'm saying that there is nothing to be done.  This change is needless,
and the report should be closed, whatever opinions the security theater
might hold on the matter.