# HG changeset patch
# User John W. Eaton <jwe@octave.org>
# Date 1648999757 14400
# Node ID 0a1aec50a0c82fd9fed4bd64961680f6291d4a75
# Parent  7ad8385ff106eaa667d257afba3b6f5ded2cb10f
avoid possible buffer overflow in string constructor

* gl2ps-print.cc (gl2ps_renderer::draw): Pass number of characters to
std::string construtor instead of relying on character buffer to be
null terminated.

diff -r 7ad8385ff106 -r 0a1aec50a0c8 libinterp/corefcn/gl2ps-print.cc
--- a/libinterp/corefcn/gl2ps-print.cc	Fri Apr 01 07:25:50 2022 -0400
+++ b/libinterp/corefcn/gl2ps-print.cc	Sun Apr 03 11:29:17 2022 -0400
@@ -527,7 +527,11 @@
                     //        Modify resulting svg to use points instead.
                     //        Remove this "else if" block, and
                     //        make header_found true for SVG if gl2ps is fixed.
-                    std::string srchstr (str);
+
+                    // Specify number of characters because STR may have
+                    // come from std::fread and not end with a NUL
+                    // character.
+                    std::string srchstr (str, nread);
                     std::size_t pos = srchstr.find ("<svg ");
                     if (! header_found && pos != std::string::npos)
                       {