From d21be1f2232bbb1b0c66b712f240c510c64b6047 Mon Sep 17 00:00:00 2001 From: Jean-Christophe Ruel Date: Wed, 30 Oct 2024 08:13:28 -0400 Subject: [PATCH] Update README.md --- README.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index c648f81..2ef090f 100644 --- a/README.md +++ b/README.md @@ -152,8 +152,8 @@ quad[:,1:4,:] *= scale # Avoid scaling normals To read STL file with a large triangle count > **1 000 000**, the openstl buffer overflow safety must be unactivated with `openstl.set_activate_overflow_safety(False)` after import. Deactivating overflow safety may expose the application to a potential buffer overflow attack vector since the stl standard is not backed by a checksum. -This can cause significant risks if openstl is used as part of a service in a backend server for example. For -domestic usage, ignore this warning. +This can cause significant risks if openstl (and any other STL reader) is used as part of a service in a backend server for example. For +domestic usage, ignore this warning. OpenSTl is the only stl reader to provide such default safety feature. # C++ Usage ### Read STL from file @@ -263,4 +263,4 @@ The STL file format, while widely used for 3D modeling and printing, was designe - Potential for Buffer Overflow Attacks: The lack of built-in validation and the absence of bounds checking in the STL format can make it susceptible to buffer overflow attacks. Care should be taken when handling STL files, especially those from untrusted sources, to ensure they are properly validated before being used. -These limitations are inherent to the STL format and should be considered when working with or implementing software that processes STL files. Developers are encouraged to implement additional validation and error-handling mechanisms in their applications to mitigate these risks. \ No newline at end of file +These limitations are inherent to the STL format and should be considered when working with or implementing software that processes STL files. Developers are encouraged to implement additional validation and error-handling mechanisms in their applications to mitigate these risks.