From 7d8d1e044686f7c573c01a7dee7f69d54397597b Mon Sep 17 00:00:00 2001 From: joncruz Date: Mon, 24 Sep 2007 16:10:40 +0000 Subject: [PATCH] Fixed unsafe hardcoding of buffer size --- src/dialogs/clonetiler.cpp | 6 +++--- src/dialogs/swatches.cpp | 6 +++--- src/dropper-context.cpp | 2 +- src/gradient-chemistry.cpp | 2 +- src/gradient-context.cpp | 2 +- src/interface.cpp | 2 +- src/sp-fediffuselighting.cpp | 2 +- src/sp-fespecularlighting.cpp | 2 +- src/sp-gradient.cpp | 4 ++-- src/ui/widget/registered-widget.cpp | 2 +- src/ui/widget/selected-style.cpp | 30 ++++++++++++++--------------- src/widgets/gradient-vector.cpp | 6 +++--- 12 files changed, 33 insertions(+), 33 deletions(-) diff --git a/src/dialogs/clonetiler.cpp b/src/dialogs/clonetiler.cpp index fe370c522..f6d3b0309 100644 --- a/src/dialogs/clonetiler.cpp +++ b/src/dialogs/clonetiler.cpp @@ -149,7 +149,7 @@ on_picker_color_changed (guint rgba) Inkscape::XML::Node *repr = inkscape_get_repr(INKSCAPE, prefs_path); gchar c[32]; - sp_svg_write_color(c, 32, rgba); + sp_svg_write_color(c, sizeof(c), rgba); repr->setAttribute("initial_color", c); is_updating = false; @@ -1167,7 +1167,7 @@ clonetiler_apply (GtkWidget *widget, void *) float rgb[3]; sp_color_hsl_to_rgb_floatv (rgb, hsl[0], hsl[1], hsl[2]); - sp_svg_write_color(color_string, 32, SP_RGBA32_F_COMPOSE(rgb[0], rgb[1], rgb[2], 1.0)); + sp_svg_write_color(color_string, sizeof(color_string), SP_RGBA32_F_COMPOSE(rgb[0], rgb[1], rgb[2], 1.0)); } // Blur @@ -1278,7 +1278,7 @@ clonetiler_apply (GtkWidget *widget, void *) opacity *= val; } if (pick_to_color) { - sp_svg_write_color(color_string, 32, rgba); + sp_svg_write_color(color_string, sizeof(color_string), rgba); } } diff --git a/src/dialogs/swatches.cpp b/src/dialogs/swatches.cpp index 3a41c1ec4..fb302c110 100644 --- a/src/dialogs/swatches.cpp +++ b/src/dialogs/swatches.cpp @@ -332,7 +332,7 @@ static bool bruteForce( SPDocument* document, Inkscape::XML::Node* node, Glib::u SPObject *obj = document->getObjectByRepr( node ); gchar c[64] = {0}; - sp_svg_write_color( c, 64, SP_RGBA32_U_COMPOSE( r, g, b, 0xff ) ); + sp_svg_write_color( c, sizeof(c), SP_RGBA32_U_COMPOSE( r, g, b, 0xff ) ); SPCSSAttr *css = sp_repr_css_attr_new(); sp_repr_css_set_property( css, "fill", c ); @@ -347,7 +347,7 @@ static bool bruteForce( SPDocument* document, Inkscape::XML::Node* node, Glib::u SPObject *obj = document->getObjectByRepr( node ); gchar c[64] = {0}; - sp_svg_write_color( c, 64, SP_RGBA32_U_COMPOSE( r, g, b, 0xff ) ); + sp_svg_write_color( c, sizoef(c), SP_RGBA32_U_COMPOSE( r, g, b, 0xff ) ); SPCSSAttr *css = sp_repr_css_attr_new(); sp_repr_css_set_property( css, "stroke", c ); @@ -562,7 +562,7 @@ void ColorItem::buttonClicked(bool secondary) char const * attrName = secondary ? "stroke" : "fill"; guint32 rgba = (def.getR() << 24) | (def.getG() << 16) | (def.getB() << 8) | 0xff; gchar c[64]; - sp_svg_write_color(c, 64, rgba); + sp_svg_write_color(c, sizeof(c), rgba); SPCSSAttr *css = sp_repr_css_attr_new(); sp_repr_css_set_property( css, attrName, c ); diff --git a/src/dropper-context.cpp b/src/dropper-context.cpp index b986569ae..5c11aa50c 100644 --- a/src/dropper-context.cpp +++ b/src/dropper-context.cpp @@ -346,7 +346,7 @@ static gint sp_dropper_context_root_handler(SPEventContext *event_context, GdkEv guint32 c32 = SP_RGBA32_F_COMPOSE(R, G, B, alpha_to_set); gchar c[64]; - sp_svg_write_color(c, 64, c32); + sp_svg_write_color(c, sizeof(c), c32); // alpha of color under cursor, to show in the statusbar // locale-sensitive printf is OK, since this goes to the UI, not into SVG diff --git a/src/gradient-chemistry.cpp b/src/gradient-chemistry.cpp index d3b8f7911..9a78a5293 100644 --- a/src/gradient-chemistry.cpp +++ b/src/gradient-chemistry.cpp @@ -1165,7 +1165,7 @@ sp_document_default_gradient_vector(SPDocument *document, guint32 color) Inkscape::XML::Node *stop = xml_doc->createElement("svg:stop"); gchar b[64]; - sp_svg_write_color(b, 64, color); + sp_svg_write_color(b, sizeof(b), color); { gchar *t = g_strdup_printf("stop-color:%s;stop-opacity:1;", b); diff --git a/src/gradient-context.cpp b/src/gradient-context.cpp index f83625abe..3f643b2a9 100644 --- a/src/gradient-context.cpp +++ b/src/gradient-context.cpp @@ -297,7 +297,7 @@ sp_gradient_context_add_stop_near_point (SPGradientContext *rc, SPItem *item, N guint32 cnew = average_color (c1, c2, (offset - prev_stop->offset) / (next_stop->offset - prev_stop->offset)); Inkscape::CSSOStringStream os; gchar c[64]; - sp_svg_write_color (c, 64, cnew); + sp_svg_write_color (c, sizeof(c), cnew); gdouble opacity = (gdouble) SP_RGBA32_A_F (cnew); os << "stop-color:" << c << ";stop-opacity:" << opacity <<";"; SP_OBJECT_REPR (newstop)->setAttribute("style", os.str().c_str()); diff --git a/src/interface.cpp b/src/interface.cpp index a041f5cf5..43ba15f04 100644 --- a/src/interface.cpp +++ b/src/interface.cpp @@ -1037,7 +1037,7 @@ sp_ui_drag_data_received(GtkWidget *widget, gchar c[64] = {0}; // Careful about endian issues. guint16* dataVals = (guint16*)data->data; - sp_svg_write_color( c, 64, + sp_svg_write_color( c, sizeof(c), SP_RGBA32_U_COMPOSE( 0x0ff & (dataVals[0] >> 8), 0x0ff & (dataVals[1] >> 8), diff --git a/src/sp-fediffuselighting.cpp b/src/sp-fediffuselighting.cpp index cdb771cd0..a44ac5894 100644 --- a/src/sp-fediffuselighting.cpp +++ b/src/sp-fediffuselighting.cpp @@ -264,7 +264,7 @@ sp_feDiffuseLighting_write(SPObject *object, Inkscape::XML::Node *repr, guint fl /*TODO kernelUnits */ if (fediffuselighting->lighting_color_set) { gchar c[64]; - sp_svg_write_color(c, 64, fediffuselighting->lighting_color); + sp_svg_write_color(c, sizeof(c), fediffuselighting->lighting_color); repr->setAttribute("lighting-color", c); } else repr->setAttribute("lighting-color", NULL); diff --git a/src/sp-fespecularlighting.cpp b/src/sp-fespecularlighting.cpp index 27f8cf8ba..3a21d9844 100644 --- a/src/sp-fespecularlighting.cpp +++ b/src/sp-fespecularlighting.cpp @@ -288,7 +288,7 @@ sp_feSpecularLighting_write(SPObject *object, Inkscape::XML::Node *repr, guint f /*TODO kernelUnits */ if (fespecularlighting->lighting_color_set) { gchar c[64]; - sp_svg_write_color(c, 64, fespecularlighting->lighting_color); + sp_svg_write_color(c, sizeof(c), fespecularlighting->lighting_color); repr->setAttribute("lighting-color", c); } if (((SPObjectClass *) feSpecularLighting_parent_class)->write) { diff --git a/src/sp-gradient.cpp b/src/sp-gradient.cpp index d86e3b0e3..b4c42e866 100644 --- a/src/sp-gradient.cpp +++ b/src/sp-gradient.cpp @@ -224,7 +224,7 @@ sp_stop_write(SPObject *object, Inkscape::XML::Node *repr, guint flags) os << "currentColor"; } else { gchar c[64]; - sp_svg_write_color(c, 64, specifiedcolor); + sp_svg_write_color(c, sizeof(c), specifiedcolor); os << c; } os << ";stop-opacity:" << opacity; @@ -917,7 +917,7 @@ sp_gradient_repr_write_vector(SPGradient *gr) /* strictly speaking, offset an SVG rather than a CSS one, but exponents make no * sense for offset proportions. */ gchar c[64]; - sp_svg_write_color(c, 64, gr->vector.stops[i].color.toRGBA32( 0x00 )); + sp_svg_write_color(c, sizeof(c), gr->vector.stops[i].color.toRGBA32( 0x00 )); os << "stop-color:" << c << ";stop-opacity:" << gr->vector.stops[i].opacity; child->setAttribute("style", os.str().c_str()); /* Order will be reversed here */ diff --git a/src/ui/widget/registered-widget.cpp b/src/ui/widget/registered-widget.cpp index c99fcb5ff..5f59eff8f 100644 --- a/src/ui/widget/registered-widget.cpp +++ b/src/ui/widget/registered-widget.cpp @@ -356,7 +356,7 @@ RegisteredColorPicker::on_changed (guint32 rgba) } gchar c[32]; - sp_svg_write_color(c, 32, rgba); + sp_svg_write_color(c, sizeof(c), rgba); bool saved = sp_document_get_undo_sensitive (local_doc); sp_document_set_undo_sensitive (local_doc, false); local_repr->setAttribute(_ckey.c_str(), c); diff --git a/src/ui/widget/selected-style.cpp b/src/ui/widget/selected-style.cpp index d4b0a203a..139a431b9 100644 --- a/src/ui/widget/selected-style.cpp +++ b/src/ui/widget/selected-style.cpp @@ -431,7 +431,7 @@ void SelectedStyle::dragDataReceived( GtkWidget *widget, gchar c[64]; // Careful about endian issues. guint16* dataVals = (guint16*)data->data; - sp_svg_write_color( c, 64, + sp_svg_write_color( c, sizeof(c), SP_RGBA32_U_COMPOSE( 0x0ff & (dataVals[0] >> 8), 0x0ff & (dataVals[1] >> 8), @@ -516,7 +516,7 @@ void SelectedStyle::on_fill_lastused() { SPCSSAttr *css = sp_repr_css_attr_new (); guint32 color = sp_desktop_get_color(_desktop, true); gchar c[64]; - sp_svg_write_color (c, 64, color); + sp_svg_write_color (c, sizeof(c), color); sp_repr_css_set_property (css, "fill", c); sp_desktop_set_style (_desktop, css); sp_repr_css_attr_unref (css); @@ -528,7 +528,7 @@ void SelectedStyle::on_stroke_lastused() { SPCSSAttr *css = sp_repr_css_attr_new (); guint32 color = sp_desktop_get_color(_desktop, false); gchar c[64]; - sp_svg_write_color (c, 64, color); + sp_svg_write_color (c, sizeof(c), color); sp_repr_css_set_property (css, "stroke", c); sp_desktop_set_style (_desktop, css); sp_repr_css_attr_unref (css); @@ -539,7 +539,7 @@ void SelectedStyle::on_stroke_lastused() { void SelectedStyle::on_fill_lastselected() { SPCSSAttr *css = sp_repr_css_attr_new (); gchar c[64]; - sp_svg_write_color (c, 64, _lastselected[SS_FILL]); + sp_svg_write_color (c, sizeof(c), _lastselected[SS_FILL]); sp_repr_css_set_property (css, "fill", c); sp_desktop_set_style (_desktop, css); sp_repr_css_attr_unref (css); @@ -550,7 +550,7 @@ void SelectedStyle::on_fill_lastselected() { void SelectedStyle::on_stroke_lastselected() { SPCSSAttr *css = sp_repr_css_attr_new (); gchar c[64]; - sp_svg_write_color (c, 64, _lastselected[SS_STROKE]); + sp_svg_write_color (c, sizeof(c), _lastselected[SS_STROKE]); sp_repr_css_set_property (css, "stroke", c); sp_desktop_set_style (_desktop, css); sp_repr_css_attr_unref (css); @@ -563,7 +563,7 @@ void SelectedStyle::on_fill_invert() { guint32 color = _thisselected[SS_FILL]; gchar c[64]; if (_mode[SS_FILL] != SS_COLOR) return; - sp_svg_write_color (c, 64, + sp_svg_write_color (c, sizeof(c), SP_RGBA32_U_COMPOSE( (255 - SP_RGBA32_R_U(color)), (255 - SP_RGBA32_G_U(color)), @@ -583,7 +583,7 @@ void SelectedStyle::on_stroke_invert() { guint32 color = _thisselected[SS_STROKE]; gchar c[64]; if (_mode[SS_STROKE] != SS_COLOR) return; - sp_svg_write_color (c, 64, + sp_svg_write_color (c, sizeof(c), SP_RGBA32_U_COMPOSE( (255 - SP_RGBA32_R_U(color)), (255 - SP_RGBA32_G_U(color)), @@ -601,7 +601,7 @@ void SelectedStyle::on_stroke_invert() { void SelectedStyle::on_fill_white() { SPCSSAttr *css = sp_repr_css_attr_new (); gchar c[64]; - sp_svg_write_color (c, 64, 0xffffffff); + sp_svg_write_color (c, sizeof(c), 0xffffffff); sp_repr_css_set_property (css, "fill", c); sp_repr_css_set_property (css, "fill-opacity", "1"); sp_desktop_set_style (_desktop, css); @@ -613,7 +613,7 @@ void SelectedStyle::on_fill_white() { void SelectedStyle::on_stroke_white() { SPCSSAttr *css = sp_repr_css_attr_new (); gchar c[64]; - sp_svg_write_color (c, 64, 0xffffffff); + sp_svg_write_color (c, sizeof(c), 0xffffffff); sp_repr_css_set_property (css, "stroke", c); sp_repr_css_set_property (css, "stroke-opacity", "1"); sp_desktop_set_style (_desktop, css); @@ -625,7 +625,7 @@ void SelectedStyle::on_stroke_white() { void SelectedStyle::on_fill_black() { SPCSSAttr *css = sp_repr_css_attr_new (); gchar c[64]; - sp_svg_write_color (c, 64, 0x000000ff); + sp_svg_write_color (c, sizeof(c), 0x000000ff); sp_repr_css_set_property (css, "fill", c); sp_repr_css_set_property (css, "fill-opacity", "1.0"); sp_desktop_set_style (_desktop, css); @@ -637,7 +637,7 @@ void SelectedStyle::on_fill_black() { void SelectedStyle::on_stroke_black() { SPCSSAttr *css = sp_repr_css_attr_new (); gchar c[64]; - sp_svg_write_color (c, 64, 0x000000ff); + sp_svg_write_color (c, sizeof(c), 0x000000ff); sp_repr_css_set_property (css, "stroke", c); sp_repr_css_set_property (css, "stroke-opacity", "1.0"); sp_desktop_set_style (_desktop, css); @@ -649,7 +649,7 @@ void SelectedStyle::on_stroke_black() { void SelectedStyle::on_fill_copy() { if (_mode[SS_FILL] == SS_COLOR) { gchar c[64]; - sp_svg_write_color (c, 64, _thisselected[SS_FILL]); + sp_svg_write_color (c, sizeof(c), _thisselected[SS_FILL]); Glib::ustring text; text += c; if (!text.empty()) { @@ -662,7 +662,7 @@ void SelectedStyle::on_fill_copy() { void SelectedStyle::on_stroke_copy() { if (_mode[SS_STROKE] == SS_COLOR) { gchar c[64]; - sp_svg_write_color (c, 64, _thisselected[SS_STROKE]); + sp_svg_write_color (c, sizeof(c), _thisselected[SS_STROKE]); Glib::ustring text; text += c; if (!text.empty()) { @@ -723,7 +723,7 @@ void SelectedStyle::on_fillstroke_swap() { break; case SS_COLOR: gchar c[64]; - sp_svg_write_color (c, 64, _thisselected[SS_FILL]); + sp_svg_write_color (c, sizeof(c), _thisselected[SS_FILL]); sp_repr_css_set_property (css, "stroke", c); break; case SS_LGRADIENT: @@ -745,7 +745,7 @@ void SelectedStyle::on_fillstroke_swap() { break; case SS_COLOR: gchar c[64]; - sp_svg_write_color (c, 64, _thisselected[SS_STROKE]); + sp_svg_write_color (c, sizeof(c), _thisselected[SS_STROKE]); sp_repr_css_set_property (css, "fill", c); break; case SS_LGRADIENT: diff --git a/src/widgets/gradient-vector.cpp b/src/widgets/gradient-vector.cpp index f7a22cc43..991e415d5 100644 --- a/src/widgets/gradient-vector.cpp +++ b/src/widgets/gradient-vector.cpp @@ -469,7 +469,7 @@ verify_grad(SPGradient *gradient) if (i < 1) { gchar c[64]; - sp_svg_write_color (c, 64, 0x00000000); + sp_svg_write_color (c, sizeof(c), 0x00000000); Inkscape::CSSOStringStream os; os << "stop-color:" << c << ";stop-opacity:" << 1.0 << ";"; @@ -718,7 +718,7 @@ sp_grd_ed_add_stop (GtkWidget *widget, GtkWidget *vb) Inkscape::CSSOStringStream os; gchar c[64]; - sp_svg_write_color (c, 64, cnew); + sp_svg_write_color (c, sizeof(c), cnew); gdouble opacity = (gdouble) SP_RGBA32_A_F (cnew); os << "stop-color:" << c << ";stop-opacity:" << opacity <<";"; SP_OBJECT_REPR (newstop)->setAttribute("style", os.str().c_str()); @@ -1161,7 +1161,7 @@ sp_gradient_vector_color_changed (SPColorSelector *csel, GtkObject *object) sp_repr_set_css_double (SP_OBJECT_REPR (stop), "offset", stop->offset); Inkscape::CSSOStringStream os; gchar c[64]; - sp_svg_write_color (c, 64, rgb); + sp_svg_write_color (c, sizeof(c), rgb); os << "stop-color:" << c << ";stop-opacity:" << (gdouble) alpha <<";"; SP_OBJECT_REPR (stop)->setAttribute("style", os.str().c_str()); // g_snprintf (c, 256, "stop-color:#%06x;stop-opacity:%g;", rgb >> 8, (gdouble) alpha); -- 2.30.2