X-Git-Url: http://review.tizen.org/git/?a=blobdiff_plain;f=dali-toolkit%2Fthird-party%2Fnanosvg%2Fnanosvg.cc;h=601413c9c4318cc6685610a8dede37e05e246750;hb=c973fbba64fd5f08cfd8179ba7b8f4ac5c492c44;hp=d3ffc40521aba053d7caf9328be37f14e2da41ab;hpb=13daf0f05718773d1dcb3544a121e17dbe26dfca;p=platform%2Fcore%2Fuifw%2Fdali-toolkit.git

diff --git a/dali-toolkit/third-party/nanosvg/nanosvg.cc b/dali-toolkit/third-party/nanosvg/nanosvg.cc
index d3ffc40..601413c 100644
--- a/dali-toolkit/third-party/nanosvg/nanosvg.cc
+++ b/dali-toolkit/third-party/nanosvg/nanosvg.cc
@@ -1038,9 +1038,15 @@ static unsigned int nsvg__parseColorRGB(const char* str)
 
     /**
      * In the original file, the formatted data reading did not specify the string with width limitation.
-     * To prevent the possible overflow, we replace '%s' with '%32s' here.
+     * To prevent the possible overflow, we replace '%s' with '%31s' and use strtol here
      */
-    sscanf(str + 4, "%d%32[%%, \t]%d%32[%%, \t]%d", &r, s1, &g, s2, &b);
+    char* end;
+    r = strtol(str + 4, &end, 10);
+    sscanf(end, "%31[%%, \t]", s1);
+    g = strtol(end + strlen(s1), &end, 10);
+    sscanf(end, "%31[%%, \t]", s2);
+    b = strtol(end + strlen(s2), &end, 10);
+
     if (strchr(s1, '%')) {
         return NSVG_RGB((r*255)/100,(g*255)/100,(b*255)/100);
     } else {
@@ -1269,9 +1275,9 @@ static NSVGcoordinate nsvg__parseCoordinateRaw(const char* str)
 
     /**
      * In the original file, the formatted data reading did not specify the string with width limitation.
-     * To prevent the possible overflow, we replace '%s' with '%32s' here.
+     * To prevent the possible overflow, we replace '%s' with '%31s' here.
      */
-    sscanf(str, "%f%32s", &coord.value, units);
+    sscanf(str, "%f%31s", &coord.value, units);
     coord.units = nsvg__parseUnits(units);
     return coord;
 }