Commit: 12168ccf189df580b3a2ffd95bcc31a51c7d86a3
Author: Campbell Barton
Date: Wed Nov 11 14:08:53 2020 +1100
Branches: blender-v2.91-release
https://developer.blender.org/rB12168ccf189df580b3a2ffd95bcc31a51c7d86a3
ImBuf: replace incorrect strstr use with memcmp
Besides being incorrect as only the first two bytes should be tested,
searching binary data using `strstr` can easily read past buffer bounds.
===================================================================
M source/blender/imbuf/intern/radiance_hdr.c
===================================================================
diff --git a/source/blender/imbuf/intern/radiance_hdr.c
b/source/blender/imbuf/intern/radiance_hdr.c
index 3dd26e1f7a2..21709fa8603 100644
--- a/source/blender/imbuf/intern/radiance_hdr.c
+++ b/source/blender/imbuf/intern/radiance_hdr.c
@@ -203,7 +203,7 @@ int imb_is_a_hdr(const unsigned char *buf)
/* update: actually, the 'RADIANCE' part is just an optional program name,
* the magic word is really only the '#?' part */
// if (strstr((char *)buf, "#?RADIANCE")) return 1;
- if (strstr((char *)buf, "#?")) {
+ if (memcmp((char *)buf, "#?", 2) == 0) {
return 1;
}
// if (strstr((char *)buf, "32-bit_rle_rgbe")) return 1;
_______________________________________________
Bf-blender-cvs mailing list
[email protected]
https://lists.blender.org/mailman/listinfo/bf-blender-cvs
