diff options
| author | jan.nijtmans <nijtmans@users.sourceforge.net> | 2012-03-21 22:23:32 (GMT) |
|---|---|---|
| committer | jan.nijtmans <nijtmans@users.sourceforge.net> | 2012-03-21 22:23:32 (GMT) |
| commit | f7b1124c07e651cda35446f85222b3001bf1808c (patch) | |
| tree | ba50b1fd6a8a5c99745e18058df4f0e31e290085 /generic | |
| parent | 124fa60cc29955a740d347b52343d826fdf9216d (diff) | |
| parent | 6db610bb79fd5283c600f956e518fcafb974ae8e (diff) | |
| download | tk-f7b1124c07e651cda35446f85222b3001bf1808c.zip tk-f7b1124c07e651cda35446f85222b3001bf1808c.tar.gz tk-f7b1124c07e651cda35446f85222b3001bf1808c.tar.bz2 | |
[Bug 2809525] Abort on overlong color name
Diffstat (limited to 'generic')
| -rw-r--r-- | generic/tkColor.c | 94 |
1 files changed, 51 insertions, 43 deletions
diff --git a/generic/tkColor.c b/generic/tkColor.c index dbdaa23..6a0ea7a 100644 --- a/generic/tkColor.c +++ b/generic/tkColor.c @@ -830,55 +830,63 @@ TkDebugColor( * since XParseColor already does the right thing */ Status TkParseColor( - Display * display, /* The display */ + Display *display, /* The display */ Colormap map, /* Color map */ - const char* spec, /* String to be parsed */ - XColor * colorPtr) + const char *name, /* String to be parsed */ + XColor *color) { - if (*spec == '#') { - char buf[14]; - buf[0] = '#'; buf[13] = '\0'; - if (!*(++spec) || !*(++spec) || !*(++spec)) { - /* Not at least 3 hex digits, so invalid */ + if (*name == '#') { + char buf[14]; + buf[0] = '#'; buf[13] = '\0'; + if (!*(++name) || !*(++name) || !*(++name)) { + /* Not at least 3 hex digits, so invalid */ return 0; - } else if (!*(++spec)) { - /* Exactly 3 hex digits */ - buf[9] = buf[10] = buf[11] = buf[12] = *(--spec); - buf[5] = buf[6] = buf[7] = buf[8] = *(--spec); - buf[1] = buf[2] = buf[3] = buf[4] = *(--spec); - spec = buf; - } else if (!*(++spec) || !*(++spec)) { - /* Not at least 6 hex digits, so invalid */ - return 0; - } else if (!*(++spec)) { - /* Exactly 6 hex digits */ - buf[10] = buf[12] = *(--spec); - buf[9] = buf[11] = *(--spec); - buf[6] = buf[8] = *(--spec); - buf[5] = buf[7] = *(--spec); - buf[2] = buf[4] = *(--spec); - buf[1] = buf[3] = *(--spec); - spec = buf; - } else if (!*(++spec) || !*(++spec)) { - /* Not at least 9 hex digits, so invalid */ - return 0; - } else if (!*(++spec)) { - /* Exactly 9 hex digits */ - buf[11] = *(--spec); - buf[10] = *(--spec); - buf[9] = buf[12] = *(--spec); - buf[7] = *(--spec); - buf[6] = *(--spec); - buf[5] = buf[8] = *(--spec); - buf[3] = *(--spec); - buf[2] = *(--spec); - buf[1] = buf[4] = *(--spec); - spec = buf; + } else if (!*(++name)) { + /* Exactly 3 hex digits */ + buf[9] = buf[10] = buf[11] = buf[12] = *(--name); + buf[5] = buf[6] = buf[7] = buf[8] = *(--name); + buf[1] = buf[2] = buf[3] = buf[4] = *(--name); + name = buf; + } else if (!*(++name) || !*(++name)) { + /* Not at least 6 hex digits, so invalid */ + return 0; + } else if (!*(++name)) { + /* Exactly 6 hex digits */ + buf[10] = buf[12] = *(--name); + buf[9] = buf[11] = *(--name); + buf[6] = buf[8] = *(--name); + buf[5] = buf[7] = *(--name); + buf[2] = buf[4] = *(--name); + buf[1] = buf[3] = *(--name); + name = buf; + } else if (!*(++name) || !*(++name)) { + /* Not at least 9 hex digits, so invalid */ + return 0; + } else if (!*(++name)) { + /* Exactly 9 hex digits */ + buf[11] = *(--name); + buf[10] = *(--name); + buf[9] = buf[12] = *(--name); + buf[7] = *(--name); + buf[6] = *(--name); + buf[5] = buf[8] = *(--name); + buf[3] = *(--name); + buf[2] = *(--name); + buf[1] = buf[4] = *(--name); + name = buf; + } else if (!*(++name) || !*(++name) || *(++name)) { + /* Not exactly 12 hex digits, so invalid */ + return 0; } else { - spec -= 10; + name -= 13; + } + } else { + if (strlen(name) > 99) { + /* Don't bother to parse this. [Bug 2809525]*/ + return 0; } } - return XParseColor(display, map, spec, colorPtr); + return XParseColor(display, map, name, color); } #endif /* __WIN32__ */ /* |