mirror of
https://git.lyx.org/repos/lyx.git
synced 2024-12-22 13:18:28 +00:00
Experiment: limit size of strings read from lib/symbols
Coverity complains that we might read strings that are arbitrarily large, and that this can be a security issue. This is a problem in particular when we feed these strings to from_utf8(), which Coverity flags as dangerous for some reason. The best solution would be IMO to model from_utf8() properly, but I do not know how to do that. Here I try a different solution, where I cannot read a string larger than 64k from the file. Let's see whether this removes part of the Coverity warnings.
parent
0f220503ff
commit
9a013637bb
@ -74,6 +74,7 @@
|
|||||||
#include "LyX.h" // use_gui
|
#include "LyX.h" // use_gui
|
||||||
#include "OutputParams.h"
|
#include "OutputParams.h"
|
||||||
|
|
||||||
|
#include <iomanip>
|
||||||
|
|
||||||
using namespace std;
|
using namespace std;
|
||||||
using namespace lyx::support;
|
using namespace lyx::support;
|
||||||
@ -188,7 +189,7 @@ void initSymbols()
|
|||||||
string extra;
|
string extra;
|
||||||
string xmlname;
|
string xmlname;
|
||||||
bool hidden = false;
|
bool hidden = false;
|
||||||
is >> macro >> requires;
|
is >> setw(65536) >> macro >> requires;
|
||||||
if ((is >> xmlname)) {
|
if ((is >> xmlname)) {
|
||||||
extra = requires;
|
extra = requires;
|
||||||
if (!(is >> requires))
|
if (!(is >> requires))
|
||||||
|
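Review bot: The `setw(65536)` on the changed line in `initSymbols()` bounds only the first extraction, because `operator>>` into a `std::string` resets the stream width to 0 when it finishes. That leaves `requires` and the later `is >> xmlname` and `is >> requires` reads unbounded, assuming these are `std::string` as the visible declarations of `extra` and `xmlname` suggest. The manipulator would have to be repeated before every field, e.g. `is >> setw(65536) >> macro >> setw(65536) >> requires;`. A token longer than the limit is also split rather than rejected, so its remainder is read as the next field and the entry is silently mis-parsed; checking the length of the input before parsing and skipping overlong entries would give a cleaner bound. The body of `initSymbols()` starts and ends outside the hunk.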