forked from enlightenment/efl
evas_vg_load_svg: Prevent array overflow
Summary: sz must be less than 20 to append 'carriage return' Test Plan: Example SVG ``` <?xml version="1.0" encoding="UTF-8"?> <svg><aaaaaaaaaaaaaaaaaaaa > </aaaaaaaaaaaaaaaaaaaa></svg> ``` @fix Reviewers: Hermet, raster, kimcinoo Reviewed By: raster Subscribers: cedric, #committers, #reviewers Tags: #efl Differential Revision: https://phab.enlightenment.org/D12313
This commit is contained in:
parent
ec80ef2ce4
commit
a32373195b
|
@ -2279,7 +2279,7 @@ _evas_svg_loader_xml_open_parser(Evas_SVG_Loader *loader,
|
|||
attrs_length = length - sz;
|
||||
while ((sz > 0) && (isspace(content[sz - 1])))
|
||||
sz--;
|
||||
if ((unsigned int)sz > sizeof(tag_name)) return;
|
||||
if ((unsigned int)sz >= sizeof(tag_name)) return;
|
||||
strncpy(tag_name, content, sz);
|
||||
tag_name[sz] = '\0';
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue