interface instead of string. This will result in a lot more
efficiency later, once I add in a simple hash table for caching
lookups, since it will avoid creating a lot of temporary string
objects. The major considerations for users will be that they cannot
use
node->getName() == "foo";
any more, and will have to use c_str() when setting a string value
from a C++ string.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Zlib Advisory 2002-03-11
zlib Compression Library Corrupts malloc Data Structures via Double Free
Original release date: March 11, 2002
Last revised: March 11, 2002
Source: This advisory is based on a CERT advisory written
by Jeffrey P. Lanza http://www.kb.cert.org/vuls/id/368819
Systems Affected
* Any software that is linked against zlib 1.1.3 or earlier
* Any data compression library derived from zlib 1.1.3 or earlier
Overview
There is a vulnerability in the zlib shared library that may introduce
vulnerabilities into any program that includes zlib. This
vulnerability has been assigned a CVE name of CAN-2002-0059
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0059
I. Description
There is a vulnerability in the decompression algorithm used by the
popular zlib compression library. If an attacker is able to pass a
specially-crafted block of invalid compressed data to a program that
includes zlib, the program's attempt to decompress the crafted data
can cause the zlib routines to corrupt the internal data structures
maintained by malloc.
The vulnerability results from a programming error that causes
segments of dynamically allocated memory to be released more than once
(aka. "double-freed"). Specifically, when inftrees.c:huft_build()
encounters the crafted data, it returns an unexpected Z_MEM_ERROR to
inftrees.c:inflate_trees_dynamic(). When a subsequent call is made to
infblock.c:inflate_blocks(), the inflate_blocks function tries to free
an internal data structure a second time.
Because this vulnerability interferes with the proper allocation and
de-allocation of dynamic memory, it may be possible for an attacker to
influence the operation of programs that include zlib. In most
circumstances, this influence will be limited to denial of service or
information leakage, but it is theoretically possible for an attacker
to insert arbitrary code into a running program. This code would be
executed with the permissions of the vulnerable program.
II. Impact
This vulnerability may introduce vulnerabilities into any program that
includes the affected library. Depending upon how and where the zlib
routines are called from the given program, the resulting
vulnerability may have one or more of the following impacts: denial of
service, information leakage, or execution of arbitrary code.
III. Solution
Upgrade your version of zlib
The maintainers of zlib have released version 1.1.4 to address this
vulnerability. Any software that is linked against or derived from an
earlier version of zlib should be upgraded immediately. The latest
version of zlib is available at http://www.zlib.org
The md5 sums of the source archives are:
abc405d0bdd3ee22782d7aa20e440f08 zlib-1.1.4.tar.gz
ea16358be41384870acbdc372f9db152 zlib-1.1.4.tar.bz2
IV. Acknowledgments
Thanks to Owen Taylor and Mark Cox of Redhat, Inc. for the
reporting and research of this vulnerability.
This document is available from
http://www.gzip.org/zlib/advisory-2002-03-11.txt
The public PGP key of zlib author Jean-loup Gailly is available from
http://www.gzip.org/zlib/jloup.asc
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE8jSR02aJ9JQGWcacRAuDEAKCWdrRkWeJV9lYU5z8NN56s3m8eKACglR4m
42KDUGHuftBkwACTMCnZLEo=
=3yLS
-----END PGP SIGNATURE-----
For each major primative type: points, triangles, fans, and strips, you
can specify an index list of vertices, normals, colors, and texture
coordinates. You can skip any of these you like to save on space.
Note that the work for this has only been done in the file format reader
and writer. The FlightGear loader for instance still needs to have
support for this built in.
This is is one more small step towards runway lighting.
*all* properties to be written, rather than just the ones flagged as
archivable. Tony Peden requested this feature to make it easier for
people to document properties.
The useDefault argument for the SGPropertyNode::tie(...) methods will
invoke the setter only when there is already a property value defined;
previously, the setter was always invoked, with a default value if
necessary.
time calculations for an alternate calendar time (i.e. if the application
is being driven from an external source of data.)
Fix a bug in sg_binobj.cxx which disrupted the 'broken down time' globally
for the entire application.
1. Nodes cache previous relative paths so that they do not have to
parse the paths each time.
2. There are new getNode() methods that include indices, so that users
do not have to sprintf to a buffer to iterate through indexed nodes.
