Merge pull request #2325 from assimp/sec_issues

Fix potential security issues.
pull/2328/head
Kim Kulling 2019-02-06 13:24:38 +01:00 committed by GitHub
commit cfeb0060a2
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
7 changed files with 41 additions and 21 deletions

View File

@ -760,7 +760,12 @@ public:
if (!out) return; if (!out) return;
time_t tt = time(NULL); time_t tt = time(NULL);
#if _WIN32
tm* p = gmtime(&tt); tm* p = gmtime(&tt);
#else
struct tm now;
tm* p = gmtime_r(&tt, &now);
#endif
// header // header
char s[64]; char s[64];

View File

@ -60,7 +60,6 @@ ASSIMP_API size_t aiGetExportFormatCount(void)
return Exporter().GetExportFormatCount(); return Exporter().GetExportFormatCount();
} }
// ------------------------------------------------------------------------------------------------ // ------------------------------------------------------------------------------------------------
ASSIMP_API const aiExportFormatDesc* aiGetExportFormatDescription( size_t index) ASSIMP_API const aiExportFormatDesc* aiGetExportFormatDescription( size_t index)
{ {

View File

@ -184,8 +184,13 @@ static std::string encodeXML(const std::string& data) {
static static
void WriteDump(const aiScene* scene, IOStream* io, bool shortened) { void WriteDump(const aiScene* scene, IOStream* io, bool shortened) {
time_t tt = ::time( NULL ); time_t tt = ::time( NULL );
tm* p = ::gmtime( &tt ); #if _WIN32
ai_assert( nullptr != p ); tm* p = gmtime(&tt);
#else
struct tm now;
tm* p = gmtime_r(&tt, &now);
#endif
ai_assert(nullptr != p);
// write header // write header
std::string header( std::string header(

View File

@ -2362,7 +2362,7 @@ size_t ColladaParser::ReadPrimitives( Mesh* pMesh, std::vector<InputChannel>& pP
if( expectedPointCount > 0 && indices.size() != expectedPointCount * numOffsets) { if( expectedPointCount > 0 && indices.size() != expectedPointCount * numOffsets) {
if (pPrimType == Prim_Lines) { if (pPrimType == Prim_Lines) {
// HACK: We just fix this number since SketchUp 15.3.331 writes the wrong 'count' for 'lines' // HACK: We just fix this number since SketchUp 15.3.331 writes the wrong 'count' for 'lines'
ReportWarning( "Expected different index count in <p> element, %d instead of %d.", indices.size(), expectedPointCount * numOffsets); ReportWarning( "Expected different index count in <p> element, %zu instead of %zu.", indices.size(), expectedPointCount * numOffsets);
pNumPrimitives = (indices.size() / numOffsets) / 2; pNumPrimitives = (indices.size() / numOffsets) / 2;
} else } else
ThrowException( "Expected different index count in <p> element."); ThrowException( "Expected different index count in <p> element.");

View File

@ -180,23 +180,21 @@ inline void ValidateDSProcess::DoValidationEx(T** parray, unsigned int size,
// ------------------------------------------------------------------------------------------------ // ------------------------------------------------------------------------------------------------
template <typename T> template <typename T>
inline void ValidateDSProcess::DoValidationWithNameCheck(T** array, inline
unsigned int size, const char* firstName, void ValidateDSProcess::DoValidationWithNameCheck(T** array, unsigned int size, const char* firstName, const char* secondName) {
const char* secondName)
{
// validate all entries // validate all entries
DoValidationEx(array,size,firstName,secondName); DoValidationEx(array,size,firstName,secondName);
for (unsigned int i = 0; i < size;++i) for (unsigned int i = 0; i < size;++i) {
{
int res = HasNameMatch(array[i]->mName,mScene->mRootNode); int res = HasNameMatch(array[i]->mName,mScene->mRootNode);
if (!res) { if (0 == res) {
const std::string name = static_cast<char*>(array[i]->mName.data);
ReportError("aiScene::%s[%i] has no corresponding node in the scene graph (%s)", ReportError("aiScene::%s[%i] has no corresponding node in the scene graph (%s)",
firstName,i,array[i]->mName.data); firstName,i, name.c_str());
} } else if (1 != res) {
else if (1 != res) { const std::string name = static_cast<char*>(array[i]->mName.data);
ReportError("aiScene::%s[%i]: there are more than one nodes with %s as name", ReportError("aiScene::%s[%i]: there are more than one nodes with %s as name",
firstName,i,array[i]->mName.data); firstName,i, name.c_str());
} }
} }
} }
@ -699,7 +697,7 @@ void ValidateDSProcess::Validate( const aiMaterial* pMaterial)
if (prop->mDataLength < 5 || prop->mDataLength < 4 + (*reinterpret_cast<uint32_t*>(prop->mData)) + 1) { if (prop->mDataLength < 5 || prop->mDataLength < 4 + (*reinterpret_cast<uint32_t*>(prop->mData)) + 1) {
ReportError("aiMaterial::mProperties[%i].mDataLength is " ReportError("aiMaterial::mProperties[%i].mDataLength is "
"too small to contain a string (%i, needed: %i)", "too small to contain a string (%i, needed: %i)",
i,prop->mDataLength,sizeof(aiString)); i,prop->mDataLength,static_cast<int>(sizeof(aiString)));
} }
if(prop->mData[prop->mDataLength-1]) { if(prop->mData[prop->mDataLength-1]) {
ReportError("Missing null-terminator in string material property"); ReportError("Missing null-terminator in string material property");
@ -710,14 +708,14 @@ void ValidateDSProcess::Validate( const aiMaterial* pMaterial)
if (prop->mDataLength < sizeof(float)) { if (prop->mDataLength < sizeof(float)) {
ReportError("aiMaterial::mProperties[%i].mDataLength is " ReportError("aiMaterial::mProperties[%i].mDataLength is "
"too small to contain a float (%i, needed: %i)", "too small to contain a float (%i, needed: %i)",
i,prop->mDataLength,sizeof(float)); i,prop->mDataLength, static_cast<int>(sizeof(float)));
} }
} }
else if (aiPTI_Integer == prop->mType) { else if (aiPTI_Integer == prop->mType) {
if (prop->mDataLength < sizeof(int)) { if (prop->mDataLength < sizeof(int)) {
ReportError("aiMaterial::mProperties[%i].mDataLength is " ReportError("aiMaterial::mProperties[%i].mDataLength is "
"too small to contain an integer (%i, needed: %i)", "too small to contain an integer (%i, needed: %i)",
i,prop->mDataLength,sizeof(int)); i,prop->mDataLength, static_cast<int>(sizeof(int)));
} }
} }
// TODO: check whether there is a key with an unknown name ... // TODO: check whether there is a key with an unknown name ...
@ -955,7 +953,7 @@ void ValidateDSProcess::Validate( const aiString* pString)
{ {
if (pString->length > MAXLEN) if (pString->length > MAXLEN)
{ {
this->ReportError("aiString::length is too large (%i, maximum is %i)", this->ReportError("aiString::length is too large (%i, maximum is %lu)",
pString->length,MAXLEN); pString->length,MAXLEN);
} }
const char* sz = pString->data; const char* sz = pString->data;

View File

@ -679,7 +679,13 @@ void WriteBinaryDump(const aiScene* scene, FILE* _out, const char* src, const ch
shortened = _shortened; shortened = _shortened;
time_t tt = time(NULL); time_t tt = time(NULL);
#if _WIN32
tm* p = gmtime(&tt); tm* p = gmtime(&tt);
#else
struct tm now;
tm* p = gmtime_r(&tt, &now);
#endif
ai_assert(nullptr != p);
// header // header
fprintf(out,"ASSIMP.binary-dump.%s",asctime(p)); fprintf(out,"ASSIMP.binary-dump.%s",asctime(p));
@ -861,7 +867,13 @@ static std::string encodeXML(const std::string& data) {
void WriteDump(const aiScene* scene, FILE* out, const char* src, const char* cmd, bool shortened) void WriteDump(const aiScene* scene, FILE* out, const char* src, const char* cmd, bool shortened)
{ {
time_t tt = ::time(NULL); time_t tt = ::time(NULL);
tm* p = ::gmtime(&tt); #if _WIN32
tm* p = gmtime(&tt);
#else
struct tm now;
tm* p = gmtime_r(&tt, &now);
#endif
ai_assert(nullptr != p);
std::string c = cmd; std::string c = cmd;
std::string::size_type s; std::string::size_type s;

View File

@ -929,6 +929,7 @@ void PopulateExportMenu() {
} }
//------------------------------------------------------------------------------- //-------------------------------------------------------------------------------
// Export function
//------------------------------------------------------------------------------- //-------------------------------------------------------------------------------
void DoExport(size_t formatId) { void DoExport(size_t formatId) {
if (!g_szFileName[0]) { if (!g_szFileName[0]) {