| <<<Back 1 day (to 2015/01/06) | 20150107 |
Robin_Watts | Morning tor8. | 11:17.08 |
tor8 | hi Robin_Watts | 11:17.32 |
Robin_Watts | paulgardiner, tor8: An updated version of the xref index review is on robin/master | 11:17.35 |
| (Paul looked at it yesterday and I then tweaked it a bit based on his comments) | 11:17.51 |
| That gets the speed back up to where it was before. | 11:17.59 |
| plus, there is a fix for a muimage bug on there too. | 11:18.19 |
| malc found a JPEG image that had xres and yres set to 1. | 11:18.32 |
| That meant we tried to render it huge. | 11:18.41 |
tor8 | respecting the image dpi in muimage is so odd, compared to pretty much all other image viewers out there... | 11:18.55 |
| wouldn't mucbz have the same issue for individual pages? | 11:21.09 |
Robin_Watts | tor8: Probably. | 11:23.40 |
| tor8: Are you going to commit the mujs memcpy fix? | 11:56.26 |
| Or the manual strcpy one? | 11:56.37 |
| Either lgtm. | 11:56.45 |
tor8 | Robin_Watts: I will commit the manual strcpy one | 11:57.03 |
| sebras has been running mujs through the coverity open source thing on github, and we're down to 2 defects -- one false positive, and one useless (it complains about rand() being insecure to timing attacks if you use it for crypto) | 11:59.25 |
Robin_Watts | can we mask the false positive? | 12:03.33 |
| and our rand() depends on timings ? | 12:03.47 |
tor8 | the false positive is tricky; we could mask it by using memcpy instead of a safe strcpy (the string lengths are bounded by previous computations, but coverity can't follow the logic) | 12:06.00 |
| the rand warning is useless to us; it's a standard "beware when using this function" warning | 12:06.30 |
Robin_Watts | tor8: I see. | 12:07.10 |
tor8 | still, I'm quite happy that we found so few coverity warnings :) | 12:07.52 |
| I remember the pages upon pages we had when we used it for mupdf all those years ago :( | 12:08.07 |
sebras | tor8: if you like I could run mupdf through it too. | 12:34.45 |
| tor8: using their model language you can supposedly describe things like fz_throw() so coverity gets it. | 12:35.20 |
| tor8: though I think it would be better if you add ccxvii/mupdf and add me as a admin. | 12:35.42 |
tkamppeter | Can anyone have a look at http://bugs.ghostscript.com/show_bug.cgi?id=695777 to see whether this is something which can easily get fixed or whether updating is the only/the best solution here? | 16:02.27 |
henrys | tkamppeter: update 7.07? can't imagine we'd be able to do that. | 16:04.27 |
rayjj | henrys: I'm running the (very simple) fix for the xps_zip_alloc_items oops -- I started it before enabling macpro, however. I suspect it worked on other systems because the "item" local variable just happened to be on the stack (just a guess). | 16:14.33 |
| it is strange that I didn't get any "new warnings" from the previous run that threw the macpro errors | 16:18.44 |
henrys | we probably should take advantage of coverity for ghostscript and mupdf, it's more thorough than the static analysis we have now. | 16:18.55 |
| rayjj: yeah I'd expect something. | 16:19.19 |
rayjj | henrys: the cluster test was clean so I pushed the fix | 16:20.42 |
henrys | rayjj: so I'll turn back on macpro and keep an eye on it. | 16:21.11 |
rayjj | henrys: I already enabled macpro | 16:22.27 |
| but the regression run following the push was so quick, that macpro didn't actually run anything :-( | 16:23.00 |
| I guess we'd have to do a run at night when marcosw1's fast machines are turned off | 16:23.41 |
| back to Len's iissues... | 16:25.03 |
tkamppeter | henrys, I do not nean to issue an update, but more whether one of you sees "on a quick glance" whether this is a known issuew with simple fix and tell the poster which GIT commit he needs to apply as a patch. If not, best is he updates to the current version. | 16:30.35 |
henrys | tkamppeter: sorry no idea - rayjj? | 16:34.10 |
Robin_Watts | tkamppeter: 7.07 is over 11 years old. There is NEVER going to be a single commit to fix this. | 16:35.26 |
tkamppeter | OK, so then my comment on the bug for the OP to update is the correct thing. | 16:37.37 |
henrys | tkamppeter: can you ask him for the test file also? be nice to know it's not still an existing problem. | 16:38.33 |
henrys | still wonders how we can force people to provide specimens | 16:38.57 |
| no file no bug .... | 16:39.09 |
henrys | got a nest thermostat ... I really didn't even think about the security issues of it until I installed it. Have to think these devices will be a cool hacker target. | 16:44.39 |
| Forward 1 day (to 2015/01/08)>>> | |