Fix possible stack corruption.

author John Preston <johnprestonmail@gmail.com>

Sun, 1 Sep 2019 09:04:26 +0000 (12:04 +0300)

committer Jongmin Lee <jm105.lee@samsung.com>

Sun, 22 Sep 2019 21:53:45 +0000 (06:53 +0900)
author John Preston <johnprestonmail@gmail.com>
Sun, 1 Sep 2019 09:04:26 +0000 (12:04 +0300)
committer Jongmin Lee <jm105.lee@samsung.com>
Sun, 22 Sep 2019 21:53:45 +0000 (06:53 +0900)
diff --git a/src/lottie/lottieparser.cpp b/src/lottie/lottieparser.cpp

index 622cf2b0780ab8b3a725ae64099ac8f0abf965f0..50776f750c2b088814c86210435e8c48508c2653 100644 (file)
--- a/src/lottie/lottieparser.cpp
+++ b/src/lottie/lottieparser.cpp
@@ -1709,13 +1709,16 @@ void LottieParserImpl::getValue(std::vector<VPointF> &v)
  
  void LottieParserImpl::getValue(VPointF &pt)
  {
-    float val[4];
+    float val[4] = {0.f};
      int   i = 0;
  
      if (PeekType() == kArrayType) EnterArray();
  
      while (NextArrayValue()) {
-        val[i++] = GetDouble();
+        const auto value = GetDouble();
+        if (i < 4) {
+            val[i++] = value;
+        }
      }
      pt.setX(val[0]);
      pt.setY(val[1]);
@@ -1739,12 +1742,15 @@ void LottieParserImpl::getValue(float &val)
  
  void LottieParserImpl::getValue(LottieColor &color)
  {
-    float val[4];
+    float val[4] = {0.f};
      int   i = 0;
      if (PeekType() == kArrayType) EnterArray();
  
      while (NextArrayValue()) {
-        val[i++] = GetDouble();
+        const auto value = GetDouble();
+        if (i < 4) {
+            val[i++] = value;
+        }
      }
      color.r = val[0];
      color.g = val[1];
author	John Preston <johnprestonmail@gmail.com>
	Sun, 1 Sep 2019 09:04:26 +0000 (12:04 +0300)
committer	Jongmin Lee <jm105.lee@samsung.com>
	Sun, 22 Sep 2019 21:53:45 +0000 (06:53 +0900)