summaryrefslogtreecommitdiffstats
path: root/generic
diff options
context:
space:
mode:
authorjan.nijtmans <nijtmans@users.sourceforge.net>2012-03-21 22:22:53 (GMT)
committerjan.nijtmans <nijtmans@users.sourceforge.net>2012-03-21 22:22:53 (GMT)
commit6db610bb79fd5283c600f956e518fcafb974ae8e (patch)
treea523b8d182e2349f2bfa0950f4d219e0ddd31c6c /generic
parente82ec654c94d1f0ae357d10c1e9ab6df5830b720 (diff)
parent06a17431086a4c08e2111ef5942d49759f7b3687 (diff)
downloadtk-6db610bb79fd5283c600f956e518fcafb974ae8e.zip
tk-6db610bb79fd5283c600f956e518fcafb974ae8e.tar.gz
tk-6db610bb79fd5283c600f956e518fcafb974ae8e.tar.bz2
[Bug 2809525] Abort on overlong color name
Diffstat (limited to 'generic')
-rw-r--r--generic/tkColor.c94
1 files changed, 51 insertions, 43 deletions
diff --git a/generic/tkColor.c b/generic/tkColor.c
index da2cb9b..cafaaaa 100644
--- a/generic/tkColor.c
+++ b/generic/tkColor.c
@@ -804,55 +804,63 @@ TkDebugColor(
* since XParseColor already does the right thing */
Status
TkParseColor(
- Display * display, /* The display */
+ Display *display, /* The display */
Colormap map, /* Color map */
- const char* spec, /* String to be parsed */
- XColor * colorPtr)
+ const char *name, /* String to be parsed */
+ XColor *color)
{
- if (*spec == '#') {
- char buf[14];
- buf[0] = '#'; buf[13] = '\0';
- if (!*(++spec) || !*(++spec) || !*(++spec)) {
- /* Not at least 3 hex digits, so invalid */
+ if (*name == '#') {
+ char buf[14];
+ buf[0] = '#'; buf[13] = '\0';
+ if (!*(++name) || !*(++name) || !*(++name)) {
+ /* Not at least 3 hex digits, so invalid */
return 0;
- } else if (!*(++spec)) {
- /* Exactly 3 hex digits */
- buf[9] = buf[10] = buf[11] = buf[12] = *(--spec);
- buf[5] = buf[6] = buf[7] = buf[8] = *(--spec);
- buf[1] = buf[2] = buf[3] = buf[4] = *(--spec);
- spec = buf;
- } else if (!*(++spec) || !*(++spec)) {
- /* Not at least 6 hex digits, so invalid */
- return 0;
- } else if (!*(++spec)) {
- /* Exactly 6 hex digits */
- buf[10] = buf[12] = *(--spec);
- buf[9] = buf[11] = *(--spec);
- buf[6] = buf[8] = *(--spec);
- buf[5] = buf[7] = *(--spec);
- buf[2] = buf[4] = *(--spec);
- buf[1] = buf[3] = *(--spec);
- spec = buf;
- } else if (!*(++spec) || !*(++spec)) {
- /* Not at least 9 hex digits, so invalid */
- return 0;
- } else if (!*(++spec)) {
- /* Exactly 9 hex digits */
- buf[11] = *(--spec);
- buf[10] = *(--spec);
- buf[9] = buf[12] = *(--spec);
- buf[7] = *(--spec);
- buf[6] = *(--spec);
- buf[5] = buf[8] = *(--spec);
- buf[3] = *(--spec);
- buf[2] = *(--spec);
- buf[1] = buf[4] = *(--spec);
- spec = buf;
+ } else if (!*(++name)) {
+ /* Exactly 3 hex digits */
+ buf[9] = buf[10] = buf[11] = buf[12] = *(--name);
+ buf[5] = buf[6] = buf[7] = buf[8] = *(--name);
+ buf[1] = buf[2] = buf[3] = buf[4] = *(--name);
+ name = buf;
+ } else if (!*(++name) || !*(++name)) {
+ /* Not at least 6 hex digits, so invalid */
+ return 0;
+ } else if (!*(++name)) {
+ /* Exactly 6 hex digits */
+ buf[10] = buf[12] = *(--name);
+ buf[9] = buf[11] = *(--name);
+ buf[6] = buf[8] = *(--name);
+ buf[5] = buf[7] = *(--name);
+ buf[2] = buf[4] = *(--name);
+ buf[1] = buf[3] = *(--name);
+ name = buf;
+ } else if (!*(++name) || !*(++name)) {
+ /* Not at least 9 hex digits, so invalid */
+ return 0;
+ } else if (!*(++name)) {
+ /* Exactly 9 hex digits */
+ buf[11] = *(--name);
+ buf[10] = *(--name);
+ buf[9] = buf[12] = *(--name);
+ buf[7] = *(--name);
+ buf[6] = *(--name);
+ buf[5] = buf[8] = *(--name);
+ buf[3] = *(--name);
+ buf[2] = *(--name);
+ buf[1] = buf[4] = *(--name);
+ name = buf;
+ } else if (!*(++name) || !*(++name) || *(++name)) {
+ /* Not exactly 12 hex digits, so invalid */
+ return 0;
} else {
- spec -= 10;
+ name -= 13;
+ }
+ } else {
+ if (strlen(name) > 99) {
+ /* Don't bother to parse this. [Bug 2809525]*/
+ return 0;
}
}
- return XParseColor(display, map, spec, colorPtr);
+ return XParseColor(display, map, name, color);
}
#endif /* __WIN32__ */
/*