Mercurial > octave
changeset 30884:0a1aec50a0c8 stable
avoid possible buffer overflow in string constructor
* gl2ps-print.cc (gl2ps_renderer::draw): Pass number of characters to
std::string construtor instead of relying on character buffer to be
null terminated.
author | John W. Eaton <jwe@octave.org> |
---|---|
date | Sun, 03 Apr 2022 11:29:17 -0400 |
parents | 7ad8385ff106 |
children | 960909469245 05328c2145ff |
files | libinterp/corefcn/gl2ps-print.cc |
diffstat | 1 files changed, 5 insertions(+), 1 deletions(-) [+] |
line wrap: on
line diff
--- a/libinterp/corefcn/gl2ps-print.cc Fri Apr 01 07:25:50 2022 -0400 +++ b/libinterp/corefcn/gl2ps-print.cc Sun Apr 03 11:29:17 2022 -0400 @@ -527,7 +527,11 @@ // Modify resulting svg to use points instead. // Remove this "else if" block, and // make header_found true for SVG if gl2ps is fixed. - std::string srchstr (str); + + // Specify number of characters because STR may have + // come from std::fread and not end with a NUL + // character. + std::string srchstr (str, nread); std::size_t pos = srchstr.find ("<svg "); if (! header_found && pos != std::string::npos) {