diff options
| author | jan.nijtmans <nijtmans@users.sourceforge.net> | 2012-03-21 22:17:23 (GMT) |
|---|---|---|
| committer | jan.nijtmans <nijtmans@users.sourceforge.net> | 2012-03-21 22:17:23 (GMT) |
| commit | 06a17431086a4c08e2111ef5942d49759f7b3687 (patch) | |
| tree | 29b261c83308bb7a053653c3259ec9cf921a74bb /generic | |
| parent | 2f563d12979d7011cdde4eccacb98e0b3703cb5b (diff) | |
| download | tk-06a17431086a4c08e2111ef5942d49759f7b3687.zip tk-06a17431086a4c08e2111ef5942d49759f7b3687.tar.gz tk-06a17431086a4c08e2111ef5942d49759f7b3687.tar.bz2 | |
[Bug 2809525] Abort on overlong color name
Diffstat (limited to 'generic')
| -rw-r--r-- | generic/tkColor.c | 94 |
1 files changed, 51 insertions, 43 deletions
diff --git a/generic/tkColor.c b/generic/tkColor.c index edd8509..5866dfd 100644 --- a/generic/tkColor.c +++ b/generic/tkColor.c @@ -814,55 +814,63 @@ TkDebugColor(tkwin, name) /* This function is not necessary for Win32, * since XParseColor already does the right thing */ Status -TkParseColor(display, map, spec, colorPtr) +TkParseColor(display, map, name, color) Display * display; /* The display */ Colormap map; /* Color map */ - CONST char* spec; /* String to be parsed */ - XColor * colorPtr; + CONST char* name; /* String to be parsed */ + XColor * color; { - if (*spec == '#') { - char buf[14]; - buf[0] = '#'; buf[13] = '\0'; - if (!*(++spec) || !*(++spec) || !*(++spec)) { - /* Not at least 3 hex digits, so invalid */ + if (*name == '#') { + char buf[14]; + buf[0] = '#'; buf[13] = '\0'; + if (!*(++name) || !*(++name) || !*(++name)) { + /* Not at least 3 hex digits, so invalid */ return 0; - } else if (!*(++spec)) { - /* Exactly 3 hex digits */ - buf[9] = buf[10] = buf[11] = buf[12] = *(--spec); - buf[5] = buf[6] = buf[7] = buf[8] = *(--spec); - buf[1] = buf[2] = buf[3] = buf[4] = *(--spec); - spec = buf; - } else if (!*(++spec) || !*(++spec)) { - /* Not at least 6 hex digits, so invalid */ - return 0; - } else if (!*(++spec)) { - /* Exactly 6 hex digits */ - buf[10] = buf[12] = *(--spec); - buf[9] = buf[11] = *(--spec); - buf[6] = buf[8] = *(--spec); - buf[5] = buf[7] = *(--spec); - buf[2] = buf[4] = *(--spec); - buf[1] = buf[3] = *(--spec); - spec = buf; - } else if (!*(++spec) || !*(++spec)) { - /* Not at least 9 hex digits, so invalid */ - return 0; - } else if (!*(++spec)) { - /* Exactly 9 hex digits */ - buf[11] = *(--spec); - buf[10] = *(--spec); - buf[9] = buf[12] = *(--spec); - buf[7] = *(--spec); - buf[6] = *(--spec); - buf[5] = buf[8] = *(--spec); - buf[3] = *(--spec); - buf[2] = *(--spec); - buf[1] = buf[4] = *(--spec); - spec = buf; + } else if (!*(++name)) { + /* Exactly 3 hex digits */ + buf[9] = buf[10] = buf[11] = buf[12] = *(--name); + buf[5] = buf[6] = buf[7] = buf[8] = *(--name); + buf[1] = buf[2] = buf[3] = buf[4] = *(--name); + name = buf; + } else if (!*(++name) || !*(++name)) { + /* Not at least 6 hex digits, so invalid */ + return 0; + } else if (!*(++name)) { + /* Exactly 6 hex digits */ + buf[10] = buf[12] = *(--name); + buf[9] = buf[11] = *(--name); + buf[6] = buf[8] = *(--name); + buf[5] = buf[7] = *(--name); + buf[2] = buf[4] = *(--name); + buf[1] = buf[3] = *(--name); + name = buf; + } else if (!*(++name) || !*(++name)) { + /* Not at least 9 hex digits, so invalid */ + return 0; + } else if (!*(++name)) { + /* Exactly 9 hex digits */ + buf[11] = *(--name); + buf[10] = *(--name); + buf[9] = buf[12] = *(--name); + buf[7] = *(--name); + buf[6] = *(--name); + buf[5] = buf[8] = *(--name); + buf[3] = *(--name); + buf[2] = *(--name); + buf[1] = buf[4] = *(--name); + name = buf; + } else if (!*(++name) || !*(++name) || *(++name)) { + /* Not exactly 12 hex digits, so invalid */ + return 0; } else { - spec -= 10; + name -= 13; + } + } else { + if (strlen(name) > 99) { + /* Don't bother to parse this. [Bug 2809525]*/ + return 0; } } - return XParseColor(display, map, spec, colorPtr); + return XParseColor(display, map, name, color); } #endif /* __WIN32__ */ |