Mercurial > octave

changeset 30884:0a1aec50a0c8 stable

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
avoid possible buffer overflow in string constructor * gl2ps-print.cc (gl2ps_renderer::draw): Pass number of characters to std::string construtor instead of relying on character buffer to be null terminated.
author John W. Eaton <jwe@octave.org>
date Sun, 03 Apr 2022 11:29:17 -0400
parents 7ad8385ff106
children 960909469245 05328c2145ff
files libinterp/corefcn/gl2ps-print.cc
diffstat 1 files changed, 5 insertions(+), 1 deletions(-) [+]
line wrap: on
line diff
--- a/libinterp/corefcn/gl2ps-print.cc	Fri Apr 01 07:25:50 2022 -0400
+++ b/libinterp/corefcn/gl2ps-print.cc	Sun Apr 03 11:29:17 2022 -0400
@@ -527,7 +527,11 @@
                     //        Modify resulting svg to use points instead.
                     //        Remove this "else if" block, and
                     //        make header_found true for SVG if gl2ps is fixed.
-                    std::string srchstr (str);
+
+                    // Specify number of characters because STR may have
+                    // come from std::fread and not end with a NUL
+                    // character.
+                    std::string srchstr (str, nread);
                     std::size_t pos = srchstr.find ("<svg ");
                     if (! header_found && pos != std::string::npos)
                       {