Comment 8 for bug 1161111

The bug is a simple buffer overflow in scan/sane/bb_ledm.c

There is a six character buffer that expects to contain an integer from an HTTP connection that is terminated with a "\r\n". But there's no checking if something else is read. In this case "HTTP/1." has been read before the crash.

I can't seem to work out where the hplip source code is managed or how to file a bug so the developers of it can fix this...