From 12168ccf189df580b3a2ffd95bcc31a51c7d86a3 Mon Sep 17 00:00:00 2001
From: Campbell Barton
Date: Wed, 11 Nov 2020 14:08:53 +1100
Subject: ImBuf: replace incorrect strstr use with memcmp

Besides being incorrect as only the first two bytes should be tested, searching binary data using `strstr` can easily read past buffer bounds.
---
 source/blender/imbuf/intern/radiance_hdr.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source/blender/imbuf')
diff --git a/source/blender/imbuf/intern/radiance_hdr.c b/source/blender/imbuf/intern/radiance_hdr.c
index 3dd26e1f7a2..21709fa8603 100644
--- a/source/blender/imbuf/intern/radiance_hdr.c
+++ b/source/blender/imbuf/intern/radiance_hdr.c
@@ -203,7 +203,7 @@ int imb_is_a_hdr(const unsigned char *buf)
 /* update: actually, the 'RADIANCE' part is just an optional program name,
 * the magic word is really only the '#?' part */
 // if (strstr((char *)buf, "#?RADIANCE")) return 1;
- if (strstr((char *)buf, "#?")) {
+ if (memcmp((char *)buf, "#?", 2) == 0) {
 return 1;
 }
 // if (strstr((char *)buf, "32-bit_rle_rgbe")) return 1;
-- cgit v1.2.3
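Review bot: The added `memcmp` always reads two bytes, but the signature in the hunk header, `imb_is_a_hdr(const unsigned char *buf)`, carries no length, so the function cannot tell whether two bytes are actually readable. A truncated or empty input would still be over-read unless every caller guarantees a minimum buffer size; that guarantee is not visible here, since the function body starts and ends outside the hunk. Until a size parameter can be threaded through, I would state the precondition next to the check, e.g. `/* Caller must provide at least 2 readable bytes in buf. */`. The cast is also unnecessary and drops the `const` qualifier, so the line can read `if (memcmp(buf, "#?", 2) == 0) {`.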