diff options
| author | Campbell Barton <ideasman42@gmail.com> | 2020-11-11 06:08:53 +0300 |
|---|---|---|
| committer | Jeroen Bakker <jeroen@blender.org> | 2020-12-02 10:32:33 +0300 |
| commit | 13b02a724f440cfab73a51ec2dfe709fd2eec2a1 (patch) | |
| tree | eb607bf2f5c3717c7204517e8634e61308dc35c8 | |
| parent | 8b59119e10211da4f9d1dd2aa95c3132cb65e609 (diff) | |
ImBuf: replace incorrect strstr use with memcmp
Besides being incorrect as only the first two bytes should be tested,
searching binary data using `strstr` can easily read past buffer bounds.
| -rw-r--r-- | source/blender/imbuf/intern/radiance_hdr.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/source/blender/imbuf/intern/radiance_hdr.c b/source/blender/imbuf/intern/radiance_hdr.c index 46d07e74ce3..54252254ef1 100644 --- a/source/blender/imbuf/intern/radiance_hdr.c +++ b/source/blender/imbuf/intern/radiance_hdr.c @@ -203,7 +203,7 @@ int imb_is_a_hdr(const unsigned char *buf) /* update: actually, the 'RADIANCE' part is just an optional program name, * the magic word is really only the '#?' part */ // if (strstr((char *)buf, "#?RADIANCE")) return 1; - if (strstr((char *)buf, "#?")) { + if (memcmp((char *)buf, "#?", 2) == 0) { return 1; } // if (strstr((char *)buf, "32-bit_rle_rgbe")) return 1; |