X-Git-Url: http://review.tizen.org/git/?a=blobdiff_plain;f=dali-toolkit%2Fthird-party%2Fnanosvg%2Fnanosvg.cc;h=d3ffc40521aba053d7caf9328be37f14e2da41ab;hb=22b429f142e1130bc3db8e5b730ae559ba5635fb;hp=96435679cfb0e328cbd0d90ab9ac69122d2dff7c;hpb=9851bf19ae796af52a397dd19c234b91999cb1cb;p=platform%2Fcore%2Fuifw%2Fdali-toolkit.git
diff --git a/dali-toolkit/third-party/nanosvg/nanosvg.cc b/dali-toolkit/third-party/nanosvg/nanosvg.cc
index 9643567..d3ffc40 100644
--- a/dali-toolkit/third-party/nanosvg/nanosvg.cc
+++ b/dali-toolkit/third-party/nanosvg/nanosvg.cc
@@ -1035,7 +1035,12 @@ static unsigned int nsvg__parseColorRGB(const char* str)
 {
 int r = -1, g = -1, b = -1;
 char s1[32]="", s2[32]="";
- sscanf(str + 4, "%d%[%%, \t]%d%[%%, \t]%d", &r, s1, &g, s2, &b);
+
+ /**
+ * In the original file, the formatted data reading did not specify the string with width limitation.
+ * To prevent the possible overflow, we replace '%s' with '%32s' here.
+ */
+ sscanf(str + 4, "%d%32[%%, \t]%d%32[%%, \t]%d", &r, s1, &g, s2, &b);
 if (strchr(s1, '%')) {
 return NSVG_RGB((r*255)/100,(g*255)/100,(b*255)/100);
 } else {
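Review bot: The width 32 in the new `%32[%%, \t]` conversions still allows a one-byte write past `s1` and `s2`, because a scanset width limits the characters stored and sscanf then appends the terminating NUL, so a `char[32]` buffer can hold at most 31 matched characters. The call should be `sscanf(str + 4, "%d%31[%%, \t]%d%31[%%, \t]%d", &r, s1, &g, s2, &b);`, or the width should be derived from the array size so the two cannot drift apart. The added comment names `%s` and `%32s` although the code uses `%[`; it would be more accurate as `/* Bound each scanset to sizeof(buffer) - 1 so the terminating NUL fits in s1/s2. */`. The sscanf return value is also unchecked in the visible lines, so `r`, `g` and `b` may still be -1 when `NSVG_RGB` is evaluated; the function body continues past the end of this hunk, so any later handling is not visible here.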