Fix potential security issues.

pull/2325/head
Kim Kulling 2019-02-05 22:05:52 +01:00
parent 0f8f1449a1
commit 6e39c22554
7 changed files with 41 additions and 54 deletions


@ -760,7 +760,12 @@ public:
if (!out) return; if (!out) return;
time_t tt = time(NULL); time_t tt = time(NULL);
#if _WIN32
tm* p = gmtime(&tt); tm* p = gmtime(&tt);
#else
struct tm now;
tm* p = gmtime_r(&tt, &now);
#endif
// header // header
char s[64]; char s[64];
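Review bot: The pointer `p` returned by `gmtime_r` / `gmtime` is used without any check in the lines visible here, while the other dump writers touched by this commit guard it only with `ai_assert(nullptr != p)`, which gives no protection if that macro is compiled out in release builds. Both functions can return a null pointer when the time cannot be represented, so a runtime guard such as `if (nullptr == p) return;` after the `#endif` would be safer. The Windows branch still calls plain `gmtime`; where the MSVC runtime is used, `gmtime_s(&now, &tt)` would give that branch the same caller-owned buffer. The guard `#if _WIN32` would also read better as `#ifdef _WIN32`, which does not depend on the macro's value. The function body continues outside the hunk, so a later check may exist that is not visible here.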


@ -60,7 +60,6 @@ ASSIMP_API size_t aiGetExportFormatCount(void)
return Exporter().GetExportFormatCount(); return Exporter().GetExportFormatCount();
} }
// ------------------------------------------------------------------------------------------------ // ------------------------------------------------------------------------------------------------
ASSIMP_API const aiExportFormatDesc* aiGetExportFormatDescription( size_t index) ASSIMP_API const aiExportFormatDesc* aiGetExportFormatDescription( size_t index)
{ {


@ -184,8 +184,13 @@ static std::string encodeXML(const std::string& data) {
static static
void WriteDump(const aiScene* scene, IOStream* io, bool shortened) { void WriteDump(const aiScene* scene, IOStream* io, bool shortened) {
time_t tt = ::time( NULL ); time_t tt = ::time( NULL );
tm* p = ::gmtime( &tt ); #if _WIN32
ai_assert( nullptr != p ); tm* p = gmtime(&tt);
#else
struct tm now;
tm* p = gmtime_r(&tt, &now);
#endif
ai_assert(nullptr != p);
// write header // write header
std::string header( std::string header(


@ -2362,7 +2362,7 @@ size_t ColladaParser::ReadPrimitives( Mesh* pMesh, std::vector<InputChannel>& pP
if( expectedPointCount > 0 && indices.size() != expectedPointCount * numOffsets) { if( expectedPointCount > 0 && indices.size() != expectedPointCount * numOffsets) {
if (pPrimType == Prim_Lines) { if (pPrimType == Prim_Lines) {
// HACK: We just fix this number since SketchUp 15.3.331 writes the wrong 'count' for 'lines' // HACK: We just fix this number since SketchUp 15.3.331 writes the wrong 'count' for 'lines'
ReportWarning( "Expected different index count in <p> element, %d instead of %d.", indices.size(), expectedPointCount * numOffsets); ReportWarning( "Expected different index count in <p> element, %zu instead of %zu.", indices.size(), expectedPointCount * numOffsets);
pNumPrimitives = (indices.size() / numOffsets) / 2; pNumPrimitives = (indices.size() / numOffsets) / 2;
} else } else
ThrowException( "Expected different index count in <p> element."); ThrowException( "Expected different index count in <p> element.");
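Review bot: The switch to `%zu` in the `ReportWarning` call is only correct if both arguments are exactly `size_t` and the formatter behind `ReportWarning` understands the `z` length modifier; neither the declarations of `expectedPointCount` and `numOffsets` nor `ReportWarning` itself are visible in this hunk. An explicit `static_cast<size_t>(expectedPointCount * numOffsets)` at the call would pin the type at the variadic boundary. Separately, the product `expectedPointCount * numOffsets` is compared against `indices.size()` without an overflow check; if these counts come from the parsed file, a wrapped product could let a mismatching count pass, so a guard before the multiplication is worth considering. The enclosing function starts and ends outside the hunk.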


@ -180,23 +180,21 @@ inline void ValidateDSProcess::DoValidationEx(T** parray, unsigned int size,
// ------------------------------------------------------------------------------------------------ // ------------------------------------------------------------------------------------------------
template <typename T> template <typename T>
inline void ValidateDSProcess::DoValidationWithNameCheck(T** array, inline
unsigned int size, const char* firstName, void ValidateDSProcess::DoValidationWithNameCheck(T** array, unsigned int size, const char* firstName, const char* secondName) {
const char* secondName)
{
// validate all entries // validate all entries
DoValidationEx(array,size,firstName,secondName); DoValidationEx(array,size,firstName,secondName);
for (unsigned int i = 0; i < size;++i) for (unsigned int i = 0; i < size;++i) {
{
int res = HasNameMatch(array[i]->mName,mScene->mRootNode); int res = HasNameMatch(array[i]->mName,mScene->mRootNode);
if (!res) { if (0 == res) {
const std::string name = static_cast<char*>(array[i]->mName.data);
ReportError("aiScene::%s[%i] has no corresponding node in the scene graph (%s)", ReportError("aiScene::%s[%i] has no corresponding node in the scene graph (%s)",
firstName,i,array[i]->mName.data); firstName,i, name.c_str());
} } else if (1 != res) {
else if (1 != res) { const std::string name = static_cast<char*>(array[i]->mName.data);
ReportError("aiScene::%s[%i]: there are more than one nodes with %s as name", ReportError("aiScene::%s[%i]: there are more than one nodes with %s as name",
firstName,i,array[i]->mName.data); firstName,i, name.c_str());
} }
} }
} }
@ -699,7 +697,7 @@ void ValidateDSProcess::Validate( const aiMaterial* pMaterial)
if (prop->mDataLength < 5 || prop->mDataLength < 4 + (*reinterpret_cast<uint32_t*>(prop->mData)) + 1) { if (prop->mDataLength < 5 || prop->mDataLength < 4 + (*reinterpret_cast<uint32_t*>(prop->mData)) + 1) {
ReportError("aiMaterial::mProperties[%i].mDataLength is " ReportError("aiMaterial::mProperties[%i].mDataLength is "
"too small to contain a string (%i, needed: %i)", "too small to contain a string (%i, needed: %i)",
i,prop->mDataLength,sizeof(aiString)); i,prop->mDataLength,static_cast<int>(sizeof(aiString)));
} }
if(prop->mData[prop->mDataLength-1]) { if(prop->mData[prop->mDataLength-1]) {
ReportError("Missing null-terminator in string material property"); ReportError("Missing null-terminator in string material property");
@ -710,14 +708,14 @@ void ValidateDSProcess::Validate( const aiMaterial* pMaterial)
if (prop->mDataLength < sizeof(float)) { if (prop->mDataLength < sizeof(float)) {
ReportError("aiMaterial::mProperties[%i].mDataLength is " ReportError("aiMaterial::mProperties[%i].mDataLength is "
"too small to contain a float (%i, needed: %i)", "too small to contain a float (%i, needed: %i)",
i,prop->mDataLength,sizeof(float)); i,prop->mDataLength, static_cast<int>(sizeof(float)));
} }
} }
else if (aiPTI_Integer == prop->mType) { else if (aiPTI_Integer == prop->mType) {
if (prop->mDataLength < sizeof(int)) { if (prop->mDataLength < sizeof(int)) {
ReportError("aiMaterial::mProperties[%i].mDataLength is " ReportError("aiMaterial::mProperties[%i].mDataLength is "
"too small to contain an integer (%i, needed: %i)", "too small to contain an integer (%i, needed: %i)",
i,prop->mDataLength,sizeof(int)); i,prop->mDataLength, static_cast<int>(sizeof(int)));
} }
} }
// TODO: check whether there is a key with an unknown name ... // TODO: check whether there is a key with an unknown name ...
@ -955,7 +953,7 @@ void ValidateDSProcess::Validate( const aiString* pString)
{ {
if (pString->length > MAXLEN) if (pString->length > MAXLEN)
{ {
this->ReportError("aiString::length is too large (%i, maximum is %i)", this->ReportError("aiString::length is too large (%i, maximum is %lu)",
pString->length,MAXLEN); pString->length,MAXLEN);
} }
const char* sz = pString->data; const char* sz = pString->data;
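Review bot: Copying `array[i]->mName.data` into a `std::string` in `DoValidationWithNameCheck` does not bound the read: the constructor still scans for a terminating NUL, exactly as `%s` did on the raw pointer, so a name without a terminator is over-read either way. If the intent is to harden the error path, construct the copy with an explicit length, e.g. `const std::string name(array[i]->mName.data, array[i]->mName.length);`, after `length` has been checked against `MAXLEN` (the `Validate(const aiString*)` hunk further down performs that check, but whether it runs before this function is not visible). The `static_cast<char*>` on the array is redundant. In the same file the `%lu` now used for `MAXLEN` is only right if `MAXLEN` is an `unsigned long`; for a `size_t` it mismatches on LLP64 targets, and `%zu` or a cast, as used in the other hunks, would be consistent.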


@ -679,7 +679,13 @@ void WriteBinaryDump(const aiScene* scene, FILE* _out, const char* src, const ch
shortened = _shortened; shortened = _shortened;
time_t tt = time(NULL); time_t tt = time(NULL);
tm* p = gmtime(&tt); #if _WIN32
tm* p = gmtime(&tt);
#else
struct tm now;
tm* p = gmtime_r(&tt, &now);
#endif
ai_assert(nullptr != p);
// header // header
fprintf(out,"ASSIMP.binary-dump.%s",asctime(p)); fprintf(out,"ASSIMP.binary-dump.%s",asctime(p));
@ -861,7 +867,13 @@ static std::string encodeXML(const std::string& data) {
void WriteDump(const aiScene* scene, FILE* out, const char* src, const char* cmd, bool shortened) void WriteDump(const aiScene* scene, FILE* out, const char* src, const char* cmd, bool shortened)
{ {
time_t tt = ::time(NULL); time_t tt = ::time(NULL);
tm* p = ::gmtime(&tt); #if _WIN32
tm* p = gmtime(&tt);
#else
struct tm now;
tm* p = gmtime_r(&tt, &now);
#endif
ai_assert(nullptr != p);
std::string c = cmd; std::string c = cmd;
std::string::size_type s; std::string::size_type s;
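Review bot: In the `WriteBinaryDump` hunk the header line still calls `asctime(p)`, which formats into a shared static buffer, so the move to `gmtime_r` does not make the timestamp path reentrant on its own. On the non-Windows branch a caller-owned buffer closes that gap: `char stamp[26]; fprintf(out,"ASSIMP.binary-dump.%s",asctime_r(p, stamp));`. The Windows branch would need its runtime's bounded equivalent, or both branches could format with `strftime` into a local buffer, provided the header text stays in the form readers of the dump expect. Both functions continue outside their hunks, so `WriteDump` may have the same `asctime` use further down.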


@ -852,31 +852,6 @@ void OpenAsset() {
strcpy(szCur,"*.*"); strcpy(szCur,"*.*");
szCur[4] = 0; szCur[4] = 0;
/*DWORD lStructSize;
HWND hwndOwner;
HINSTANCE hInstance;
LPCWSTR lpstrFilter;
LPWSTR lpstrCustomFilter;
DWORD nMaxCustFilter;
DWORD nFilterIndex;
LPWSTR lpstrFile;
DWORD nMaxFile;
LPWSTR lpstrFileTitle;
DWORD nMaxFileTitle;
LPCWSTR lpstrInitialDir;
LPCWSTR lpstrTitle;
DWORD Flags;
WORD nFileOffset;
WORD nFileExtension;
LPCWSTR lpstrDefExt;
LPARAM lCustData;
LPOFNHOOKPROC lpfnHook;
LPCWSTR lpTemplateName;
#ifdef _MAC
LPEDITMENU lpEditInfo;
LPCSTR lpstrPrompt;*/
OPENFILENAME sFilename1; OPENFILENAME sFilename1;
ZeroMemory(&sFilename1, sizeof(sFilename1)); ZeroMemory(&sFilename1, sizeof(sFilename1));
sFilename1.lStructSize = sizeof(sFilename1); sFilename1.lStructSize = sizeof(sFilename1);
@ -891,14 +866,7 @@ void OpenAsset() {
sFilename1.nMaxFileTitle = 0; sFilename1.nMaxFileTitle = 0;
sFilename1.lpstrInitialDir = NULL; sFilename1.lpstrInitialDir = NULL;
sFilename1.Flags = OFN_OVERWRITEPROMPT | OFN_HIDEREADONLY | OFN_NOCHANGEDIR; sFilename1.Flags = OFN_OVERWRITEPROMPT | OFN_HIDEREADONLY | OFN_NOCHANGEDIR;
/*OPENFILENAME sFilename1 = {
sizeof(OPENFILENAME),
g_hDlg, GetModuleHandle(NULL), szList, NULL, 0, 1,
szFileName, MAX_PATH, NULL, 0, NULL,
"Import Asset into ASSIMP",
OFN_OVERWRITEPROMPT | OFN_HIDEREADONLY | OFN_NOCHANGEDIR,
0, 1, ".x", 0, NULL, NULL
};*/
if (GetOpenFileName(&sFilename1) == 0) { if (GetOpenFileName(&sFilename1) == 0) {
return; return;
} }