Archivist
/
raylib-src
mirror of https://github.com/raysan5/raylib
1
0
Fork 0
Code Issues 0 Releases 24 Wiki Activity
Browse Source

Fix sscanf() without field limits can crash with huge input data

pull/504/head
maficccc@gmail.com 7 years ago
committed by Martinfx
parent
db98dba10f
commit
201007e426
1 changed files with 7 additions and 7 deletions
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. +7
    -7
      src/models.c

+ 7
- 7
src/models.c View File

@ -2353,7 +2353,7 @@ static Mesh LoadOBJ(const char *fileName)
// NOTE: Texture map parameters are not supported // NOTE: Texture map parameters are not supported
static Material LoadMTL(const char *fileName) static Material LoadMTL(const char *fileName)
{ {
#define MAX_BUFFER_SIZE 128
#define MAX_BUFFER_SIZE 128
Material material = { 0 }; Material material = { 0 };
@ -2381,7 +2381,7 @@ static Material LoadMTL(const char *fileName)
case 'n': // newmtl string Material name. Begins a new material description. case 'n': // newmtl string Material name. Begins a new material description.
{ {
// TODO: Support multiple materials in a single .mtl // TODO: Support multiple materials in a single .mtl
sscanf(buffer, "newmtl %s", mapFileName);
sscanf(buffer, "newmtl %127s", mapFileName);
TraceLog(LOG_INFO, "[%s] Loading material...", mapFileName); TraceLog(LOG_INFO, "[%s] Loading material...", mapFileName);
} }
@ -2446,12 +2446,12 @@ static Material LoadMTL(const char *fileName)
{ {
if (buffer[5] == 'd') // map_Kd string Diffuse color texture map. if (buffer[5] == 'd') // map_Kd string Diffuse color texture map.
{ {
result = sscanf(buffer, "map_Kd %s", mapFileName);
result = sscanf(buffer, "map_Kd %127s", mapFileName);
if (result != EOF) material.maps[MAP_DIFFUSE].texture = LoadTexture(mapFileName); if (result != EOF) material.maps[MAP_DIFFUSE].texture = LoadTexture(mapFileName);
} }
else if (buffer[5] == 's') // map_Ks string Specular color texture map. else if (buffer[5] == 's') // map_Ks string Specular color texture map.
{ {
result = sscanf(buffer, "map_Ks %s", mapFileName);
result = sscanf(buffer, "map_Ks %127s", mapFileName);
if (result != EOF) material.maps[MAP_SPECULAR].texture = LoadTexture(mapFileName); if (result != EOF) material.maps[MAP_SPECULAR].texture = LoadTexture(mapFileName);
} }
else if (buffer[5] == 'a') // map_Ka string Ambient color texture map. else if (buffer[5] == 'a') // map_Ka string Ambient color texture map.
@ -2461,12 +2461,12 @@ static Material LoadMTL(const char *fileName)
} break; } break;
case 'B': // map_Bump string Bump texture map. case 'B': // map_Bump string Bump texture map.
{ {
result = sscanf(buffer, "map_Bump %s", mapFileName);
result = sscanf(buffer, "map_Bump %127s", mapFileName);
if (result != EOF) material.maps[MAP_NORMAL].texture = LoadTexture(mapFileName); if (result != EOF) material.maps[MAP_NORMAL].texture = LoadTexture(mapFileName);
} break; } break;
case 'b': // map_bump string Bump texture map. case 'b': // map_bump string Bump texture map.
{ {
result = sscanf(buffer, "map_bump %s", mapFileName);
result = sscanf(buffer, "map_bump %127s", mapFileName);
if (result != EOF) material.maps[MAP_NORMAL].texture = LoadTexture(mapFileName); if (result != EOF) material.maps[MAP_NORMAL].texture = LoadTexture(mapFileName);
} break; } break;
case 'd': // map_d string Opacity texture map. case 'd': // map_d string Opacity texture map.
@ -2491,7 +2491,7 @@ static Material LoadMTL(const char *fileName)
} break; } break;
case 'b': // bump string Bump texture map case 'b': // bump string Bump texture map
{ {
result = sscanf(buffer, "bump %s", mapFileName);
result = sscanf(buffer, "bump %127s", mapFileName);
if (result != EOF) material.maps[MAP_NORMAL].texture = LoadTexture(mapFileName); if (result != EOF) material.maps[MAP_NORMAL].texture = LoadTexture(mapFileName);
} break; } break;
case 'T': // Tr float Transparency Tr (alpha). Tr is inverse of d case 'T': // Tr float Transparency Tr (alpha). Tr is inverse of d

Write Preview
Loading…
Cancel
Save