pool/assimp
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
ea763a131e
assimp/CVE-2024-48424.patch

60 lines
2.7 KiB
Diff
Raw Blame History

From 2b773f0f5a726c38dda72307b5311c14fc3a76ae Mon Sep 17 00:00:00 2001
From: tyler92 <tyler92@inbox.ru>
Date: Mon, 16 Dec 2024 23:48:45 +0200
Subject: [PATCH] Fix heap-buffer-overflow in OpenDDLParser (#5919)
Co-authored-by: Kim Kulling <kimkulling@users.noreply.github.com>
---
contrib/openddlparser/code/OpenDDLParser.cpp | 16 +++++++---------
1 file changed, 7 insertions(+), 9 deletions(-)
diff --git a/contrib/openddlparser/code/OpenDDLParser.cpp b/contrib/openddlparser/code/OpenDDLParser.cpp
index 3d7dce45ec..26591b5ec8 100644
--- a/contrib/openddlparser/code/OpenDDLParser.cpp
+++ b/contrib/openddlparser/code/OpenDDLParser.cpp
@@ -74,12 +74,11 @@ const char *getTypeToken(Value::ValueType type) {
return Grammar::PrimitiveTypeToken[(size_t)type];
}
-static void logInvalidTokenError(const char *in, const std::string &exp, OpenDDLParser::logCallback callback) {
- if (callback) {
- std::string full(in);
- std::string part(full.substr(0, 50));
+static void logInvalidTokenError(const std::string &in, const std::string &exp, OpenDDLParser::logCallback callback) {
+ if (callback) {\
+ std::string part(in.substr(0, 50));
std::stringstream stream;
- stream << "Invalid token \"" << *in << "\" "
+ stream << "Invalid token \"" << in << "\" "
<< "(expected \"" << exp << "\") "
<< "in: \"" << part << "\"";
callback(ddl_error_msg, stream.str());
@@ -306,7 +305,7 @@ char *OpenDDLParser::parseHeader(char *in, char *end) {
}
if (*in != Grammar::CommaSeparator[0] && *in != Grammar::ClosePropertyToken[0]) {
- logInvalidTokenError(in, Grammar::ClosePropertyToken, m_logCallback);
+ logInvalidTokenError(std::string(in, end), Grammar::ClosePropertyToken, m_logCallback);
return nullptr;
}
@@ -355,8 +354,7 @@ char *OpenDDLParser::parseStructure(char *in, char *end) {
++in;
}
} else {
- ++in;
- logInvalidTokenError(in, std::string(Grammar::OpenBracketToken), m_logCallback);
+ logInvalidTokenError(std::string(in, end), std::string(Grammar::OpenBracketToken), m_logCallback);
error = true;
return nullptr;
}
@@ -427,7 +425,7 @@ char *OpenDDLParser::parseStructureBody(char *in, char *end, bool &error) {
in = lookForNextToken(in, end);
if (in == end || *in != '}') {
- logInvalidTokenError(in == end ? "" : in, std::string(Grammar::CloseBracketToken), m_logCallback);
+ logInvalidTokenError(std::string(in, end), std::string(Grammar::CloseBracketToken), m_logCallback);
return nullptr;
} else {
//in++;
Reference in New Issue View Git Blame Copy Permalink