diff options
author | Kent Mein <mein@cs.umn.edu> | 2008-04-17 19:41:06 +0400 |
---|---|---|
committer | Kent Mein <mein@cs.umn.edu> | 2008-04-17 19:41:06 +0400 |
commit | 0ecf7a6f5bce3d2f3291e61823a0fc295c153a98 (patch) | |
tree | e12219a6427fa1cef74a2b38b9bbb74fd2108ec5 /source/blender/imbuf/intern/radiance_hdr.c | |
parent | da3c44958e7264d2cb7cd98615b4d1d05cc02a96 (diff) |
My last commit for the sscanf buffer overflow did not really fix the
problem. Now the fixed length strings are limited in the sscanf so
it should be much better now.
Kent
Diffstat (limited to 'source/blender/imbuf/intern/radiance_hdr.c')
-rw-r--r-- | source/blender/imbuf/intern/radiance_hdr.c | 4 |
1 files changed, 1 insertions, 3 deletions
diff --git a/source/blender/imbuf/intern/radiance_hdr.c b/source/blender/imbuf/intern/radiance_hdr.c index 792bec69e91..df6211ff390 100644 --- a/source/blender/imbuf/intern/radiance_hdr.c +++ b/source/blender/imbuf/intern/radiance_hdr.c @@ -182,7 +182,6 @@ struct ImBuf *imb_loadhdr(unsigned char *mem, int size, int flags) unsigned char* ptr; unsigned char* rect; char oriY[80], oriX[80]; - char buff[STR_MAX]; if (imb_is_a_hdr((void*)mem)) { @@ -194,8 +193,7 @@ struct ImBuf *imb_loadhdr(unsigned char *mem, int size, int flags) } } if (found) { - BLI_strncpy(buff, (char *)&mem[x+1], sizeof(buff)); - if (sscanf(buff, "%s %d %s %d", (char*)&oriY, &height, + if (sscanf((char *)&mem[x+1], "%80s %d %80s %d", (char*)&oriY, &height, (char*)&oriX, &width) != 4) return NULL; /* find end of this line, data right behind it */ |