commit 9a013637bbe7c35dc90cb28ff874da99133a1f8b
Author: Jean-Marc Lasgouttes <[email protected]>
Date: Fri Mar 10 16:29:09 2017 +0100

    Experiment: limit size of strings read from lib/symbols

    Coverity complains that we might read strings that are arbitrarily
    large, and that this can be a security issue. This is a problem in
    particular when we feed these strings to from_utf8(), which Coverity
    flags as dangerous for some reason.

    The best solution would be IMO to model from_utf8() properly, but I do
    not know how to do that. Here I try a different solution, where I
    cannot read a string larger than 64k from the file.

    Let's see whether this removes part of the Coverity warnings.
---
src/mathed/MathFactory.cpp | 3 ++-
1 files changed, 2 insertions(+), 1 deletions(-)
diff --git a/src/mathed/MathFactory.cpp b/src/mathed/MathFactory.cpp
index 3198f80..2cd045b 100644
--- a/src/mathed/MathFactory.cpp
+++ b/src/mathed/MathFactory.cpp
@@ -74,6 +74,7 @@
#include "LyX.h" // use_gui
#include "OutputParams.h"
+#include <iomanip>
using namespace std;
using namespace lyx::support;
@@ -188,7 +189,7 @@ void initSymbols()
string extra;
string xmlname;
bool hidden = false;
- is >> macro >> requires;
+ is >> setw(65536) >> macro >> requires;
if ((is >> xmlname)) {
extra = requires;
if (!(is >> requires))
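
Review bot: The setw(65536) on the changed line "is >> setw(65536) >> macro >> requires;" bounds only macro, because string extraction resets the stream width to 0 after each read. The read of requires on the same line, and the following "is >> xmlname" and "is >> requires" extractions, are therefore still unbounded. Repeat the manipulator before every string extraction, or put it in a small helper, so that every field read from lib/symbols gets the limit. A token longer than the limit is also not rejected: extraction stops at the width and the remainder is picked up as the next field, so the line is silently mis-parsed. Consider detecting a field that fills the limit and skipping that line. Finally, 65536 would read better as a named constant with a comment saying why the cap is there.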