griefith/test
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

My last commit for the sscanf buffer overflow did not really fix the

Browse Source 
problem.  Now the fixed length strings are limited in the sscanf so
it should be much better now.

Kent
This commit is contained in:
Kent Mein
2008-04-17 15:41:06 +00:00
parent da3c44958e
commit 0ecf7a6f5b
1 changed files with 1 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
source/blender/imbuf/intern/radiance_hdr.c
View File

@@ -182,7 +182,6 @@ struct ImBuf *imb_loadhdr(unsigned char *mem, int size, int flags)
unsigned char* ptr;
unsigned char* rect;
char oriY[80], oriX[80];
char buff[STR_MAX];
if (imb_is_a_hdr((void*)mem))
{
@@ -194,8 +193,7 @@ struct ImBuf *imb_loadhdr(unsigned char *mem, int size, int flags)
}
}
if (found) {
BLI_strncpy(buff, (char *)&mem[x+1], sizeof(buff));
if (sscanf(buff, "%s %d %s %d", (char*)&oriY, &height,
if (sscanf((char *)&mem[x+1], "%80s %d %80s %d", (char*)&oriY, &height,
(char*)&oriX, &width) != 4) return NULL;
/* find end of this line, data right behind it */