Bugtraq mailing list archives

Possible Buffer Overflow in ACDSee 4.0


From: Markus Arndt <markus-arndt () web de>
Date: Fri, 10 May 2002 23:10:28 +0200

While playing around with ACDSee's "Photo Album" files (ais extension) I noticed
a bug that seems to me like a buffer overflow.

ACDSee's ais are built up like this:


"[absolutepath]\filename.gif" "description"  
"[absolutepath]\some.gif" "mydog"
"[absolutepath]\dunno.gif" "mycat"


I filled one description up to 260 chars.
Then I loaded the file in ACDSee. Nothing special..

But when I wanted to see the picture's properties the app just crashed.
It seems that ACDSee can't handle more than 256 chars in the description
when displaying the properties dialog (or maybe I'm just an idiot ;D).

Grab a sample Photo Album file at "http://skka.de/acdsee_bug.zip".
The included gif has to be placed directly on "c:\" because ACDSee only
allows absolute paths in these files and I couldn't give any relative
path to the gif.. :/
Otherwise the ais file will seem not to contain any pictures and you can't
trigger the bug by selecting the pic's properties in the context menu.

Maybe somebody finds out more..

Markus Arndt <markus-arndt () web de>
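
A defensive check based on the report above, added here as an example (it is not part of the original post and not ACDSee code): it scans album text in the two-field layout the post shows and reports descriptions longer than 256 characters, plus lines that do not fit the layout. The function names, the use of 256 as a threshold, and the latin-1 decoding are assumptions.

```python
import re

# Threshold from the post's observation (crash at 260 chars, "can't handle
# more than 256"); the application's real buffer size is not confirmed.
MAX_DESCRIPTION = 256

# One entry per line: "absolute path" "description" (layout as shown in the post).
ENTRY = re.compile(r'^\s*"([^"]*)"\s+"([^"]*)"\s*$')


def scan_album(text, limit=MAX_DESCRIPTION):
    """Return (findings, malformed) for the text of one .ais file.

    findings:  (line_no, path, description_length) for over-long descriptions
    malformed: line numbers that do not match the two-field layout
    """
    findings, malformed = [], []
    for line_no, line in enumerate(text.splitlines(), start=1):
        if not line.strip():
            continue  # blank lines carry no entry
        m = ENTRY.match(line)
        if m is None:
            malformed.append(line_no)  # e.g. a missing closing quote
            continue
        path, description = m.groups()
        if len(description) > limit:
            findings.append((line_no, path, len(description)))
    return findings, malformed


def scan_file(filename, limit=MAX_DESCRIPTION):
    # Assumption: single-byte text; latin-1 maps each byte to one character,
    # so the reported lengths are byte counts.
    with open(filename, "r", encoding="latin-1", newline="") as fh:
        return scan_album(fh.read(), limit)


# Constructed sample input (not the file from the post).
SAMPLE = "\n".join([
    r'"c:\some.gif" "mydog"',
    r'"c:\dunno.gif" "' + "A" * 260 + '"',
    r'"c:\edge.gif" "' + "B" * 256 + '"',
    r'c:\broken.gif no quotes',
])

if __name__ == "__main__":
    findings, malformed = scan_album(SAMPLE)
    for line_no, path, length in findings:
        print(f"line {line_no}: {path}: description is {length} chars")
    for line_no in malformed:
        print(f"line {line_no}: not in the expected two-field layout")
```
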