[Bf-blender-cvs] [13b02a724f4] blender-v2.83-release: ImBuf: replace incorrect strstr use with memcmp
Campbell Barton
noreply at git.blender.org
Wed Dec 2 08:50:18 CET 2020
Commit: 13b02a724f440cfab73a51ec2dfe709fd2eec2a1
Author: Campbell Barton
Date: Wed Nov 11 14:08:53 2020 +1100
Branches: blender-v2.83-release
https://developer.blender.org/rB13b02a724f440cfab73a51ec2dfe709fd2eec2a1
ImBuf: replace incorrect strstr use with memcmp
Besides being incorrect as only the first two bytes should be tested,
searching binary data using `strstr` can easily read past buffer bounds.
===================================================================
M source/blender/imbuf/intern/radiance_hdr.c
===================================================================
diff --git a/source/blender/imbuf/intern/radiance_hdr.c b/source/blender/imbuf/intern/radiance_hdr.c
index 46d07e74ce3..54252254ef1 100644
--- a/source/blender/imbuf/intern/radiance_hdr.c
+++ b/source/blender/imbuf/intern/radiance_hdr.c
@@ -203,7 +203,7 @@ int imb_is_a_hdr(const unsigned char *buf)
/* update: actually, the 'RADIANCE' part is just an optional program name,
* the magic word is really only the '#?' part */
// if (strstr((char *)buf, "#?RADIANCE")) return 1;
- if (strstr((char *)buf, "#?")) {
+ if (memcmp((char *)buf, "#?", 2) == 0) {
return 1;
}
// if (strstr((char *)buf, "32-bit_rle_rgbe")) return 1;
More information about the Bf-blender-cvs
mailing list