diff options
| author | Albrecht Schlosser <albrechts.fltk@online.de> | 2021-09-13 19:20:26 +0200 |
|---|---|---|
| committer | Albrecht Schlosser <albrechts.fltk@online.de> | 2021-09-13 19:31:27 +0200 |
| commit | a774e120bc11dedc52c2e80185ccbd2f1acda59b (patch) | |
| tree | 8abf747d79b0c6f2fb30441ee43c0fbe4d24d97c /nanosvg/nanosvg.h | |
| parent | 828d3dd722bd3c3beeca7bd07cb83d6105d6a324 (diff) | |
Update nanosvg library to latest upstream version
commit ccdb1995134d340a93fb20e3a3d323ccb3838dd0
Merge: 3cdd4a9 419782d
Author: Mikko Mononen <memononen@gmail.com>
Date: Fri Sep 3 21:24:42 2021 +0300
Merge pull request #198 from ctrlcctrlv/CVE_2019_1000032
Fix decimal values in color fields (nsvg__parseColorRGB, nsvg__parseColorHex)
Diffstat (limited to 'nanosvg/nanosvg.h')
| -rw-r--r-- | nanosvg/nanosvg.h | 17 |
1 files changed, 10 insertions, 7 deletions
diff --git a/nanosvg/nanosvg.h b/nanosvg/nanosvg.h index 035b0e52e..0175ade74 100644 --- a/nanosvg/nanosvg.h +++ b/nanosvg/nanosvg.h @@ -1223,25 +1223,23 @@ static const char* nsvg__getNextPathItem(const char* s, char* it) static unsigned int nsvg__parseColorHex(const char* str) { - // FLTK: Solve fltk issue#180 / CVE-2019-1000032 unsigned int r=0, g=0, b=0; if (sscanf(str, "#%2x%2x%2x", &r, &g, &b) == 3 ) // 2 digit hex return NSVG_RGB(r, g, b); if (sscanf(str, "#%1x%1x%1x", &r, &g, &b) == 3 ) // 1 digit hex, e.g. #abc -> 0xccbbaa - return NSVG_RGB(r*17, g*17, b*17); // has same effect as (r<<4|r), (g<<4|g), .. + return NSVG_RGB(r*17, g*17, b*17); // same effect as (r<<4|r), (g<<4|g), .. return NSVG_RGB(128, 128, 128); } static unsigned int nsvg__parseColorRGB(const char* str) { - // FLTK: Solve fltk issue#180 / CVE-2019-1000032 unsigned int r=0, g=0, b=0; if (sscanf(str, "rgb(%u, %u, %u)", &r, &g, &b) == 3) // decimal integers return NSVG_RGB(r, g, b); if (sscanf(str, "rgb(%u%%, %u%%, %u%%)", &r, &g, &b) == 3) { // decimal integer percentage - r = (r <= 100) ? ((r*255)/100) : 255; // clip percentages >100 - g = (g <= 100) ? ((g*255)/100) : 255; - b = (b <= 100) ? ((b*255)/100) : 255; + r = (r <= 100) ? ((r*255)/100) : 255; // FLTK: clip percentages >100 + g = (g <= 100) ? ((g*255)/100) : 255; + b = (b <= 100) ? ((b*255)/100) : 255; return NSVG_RGB(r, g, b); } return NSVG_RGB(128, 128, 128); @@ -2188,7 +2186,12 @@ static void nsvg__pathArcTo(NSVGparser* p, float* cpx, float* cpy, float* args, // The loop assumes an iteration per end point (including start and end), this +1. ndivs = (int)(fabsf(da) / (NSVG_PI*0.5f) + 1.0f); hda = (da / (float)ndivs) / 2.0f; - kappa = fabsf(4.0f / 3.0f * (1.0f - cosf(hda)) / sinf(hda)); + // Fix for ticket #179: division by 0: avoid cotangens around 0 (infinite) + if ((hda < 1e-3f) && (hda > -1e-3f)) + hda *= 0.5f; + else + hda = (1.0f - cosf(hda)) / sinf(hda); + kappa = fabsf(4.0f / 3.0f * hda); if (da < 0.0f) kappa = -kappa; |