haskal
/
kicad
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Sanity-check loop bounds in SHAPE_LINE_CHAIN::Parse 

Coverity CID: 128540
This commit is contained in:
Chris Pavlina 2016-05-11 23:28:08 -04:00
parent e782e463f4
commit a488cb0142
1 changed files with 6 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
common/geometry/shape_line_chain.cpp
View File

@ -570,6 +570,11 @@ bool SHAPE_LINE_CHAIN::Parse( std::stringstream& aStream )
m_points.clear(); m_points.clear();
aStream >> n_pts; aStream >> n_pts;
// Rough sanity check, just make sure the loop bounds aren't absolutely outlandish
if( n_pts < 0 || n_pts > aStream.str().size() )
return false;
aStream >> m_closed; aStream >> m_closed;
for( int i = 0; i < n_pts; i++ ) for( int i = 0; i < n_pts; i++ )
@ -581,4 +586,4 @@ bool SHAPE_LINE_CHAIN::Parse( std::stringstream& aStream )
} }
return true; return true;
} }