diff options
| author | Caolán McNamara <caolanm@redhat.com> | 2017-06-23 10:06:32 +0100 |
|---|---|---|
| committer | Caolán McNamara <caolanm@redhat.com> | 2017-06-23 10:55:54 +0100 |
| commit | ce45dcf8d7ae0b41e898850090cc2ad4fdc0bfd4 (patch) | |
| tree | 562745589e8888d394177a521e33c26a3dfedba0 /vcl | |
| parent | 75ab9e5cf8e23639f1d7d38e9a8279ac702dca3a (diff) | |
coverity#1412987 Untrusted value as argument
Change-Id: Ia41c81d7cf864a5b38594b85577139bdaf5fc7bb
Diffstat (limited to 'vcl')
| -rw-r--r-- | vcl/source/filter/sgvmain.cxx | 14 |
1 files changed, 11 insertions, 3 deletions
diff --git a/vcl/source/filter/sgvmain.cxx b/vcl/source/filter/sgvmain.cxx index 8fb9f0529aa8..35cade1d954a 100644 --- a/vcl/source/filter/sgvmain.cxx +++ b/vcl/source/filter/sgvmain.cxx @@ -775,9 +775,17 @@ void DrawObjkList( SvStream& rInp, OutputDevice& rOut ) TextType aText; ReadTextType( rInp, aText ); if (!rInp.GetError()) { - UCHAR *pBuffer = new UCHAR[aText.BufSize+1]; // add one for LookAhead at CK-separation - rInp.ReadBytes(pBuffer, aText.BufSize); - if (!rInp.GetError()) aText.Draw(rOut, pBuffer); + const size_t nRemainingSize = rInp.remainingSize(); + size_t nSize = aText.BufSize; + if (nSize > nRemainingSize) + { + SAL_WARN("vcl", "file is shorter than requested len"); + nSize = nRemainingSize; + } + UCHAR *pBuffer = new UCHAR[nSize+1]; // add one for LookAhead at CK-separation + size_t nReadSize = rInp.ReadBytes(pBuffer, nSize); + pBuffer[nReadSize] = 0; + if (!rInp.GetError() && nReadSize == aText.BufSize) aText.Draw(rOut, pBuffer); delete[] pBuffer; } } break; |