Matt Curtis
Matt Curtis
Thank you for the comprehensive answer! > Regarding the argument that you quoted above, the maximum should not exceed `INT_MAX / 2`. To clarify, I'm working specifically with `XML_GetBuffer` and...
> If I think about it more, we need to rely on waterproof bounds checking inside the code for _any_ size of buffer because it can be more than two...
After further consideration, could `XML_GetCurrentByteIndex` be used to solve this problem? A libexpat user could compare the byte offset against how much data they know they've provided, and possibly avoid...
> I think as a user of Expat I would only worry about overflows in your own code and rely on Expat to catch all overflows in its code. I...
> I'm not sure if it's worth the effort and you might reject some files that would parse fine otherwise, but depending on your use case and threat model maybe...
(Disclaimer: my C is very rusty, so I'm having to look things up as we go. That said:) I checked out the source for `XML_GetBuffer` because I want to make...
> To my understanding `XML_GetBuffer` does consider overflows regarding `int` but does not consider limits of `ptrdiff_t`. > I'm not sure I follow. If I have 500 bytes left to...
I've been looking at this recently myself. I would suggest either: 1.) Using XBCurlView and managing cylinder position yourself. 2.) Using XBPageDragView, subclass it (or just edit it) and change...
Ah, OK. I'd switched to XIB (I had no reason to use a Storyboard anyway) but thanks.
I'm just using iterate for now. BTW, was a 'break' statement ever implemented? How do you pull off your tag/attribute queries? The only time I've gotten an XPath query to...