svg_loader SvgLoader: Prevent array overflow

Since tagName array set '\0' at the end,
it may overflow when sz reaches 20.
So make it a maximum of 19.

Change-Id: I26e85aa8a3b7e2aad1ec849d14a8b4da6e1bcbf7

diff --git a/src/loaders/svg/tvgSvgLoader.cpp b/src/loaders/svg/tvgSvgLoader.cpp
index 5d6e34a..009b25d 100644 (file)
--- a/src/loaders/svg/tvgSvgLoader.cpp
+++ b/src/loaders/svg/tvgSvgLoader.cpp
@@ -2075,7 +2075,7 @@ static void _svgLoaderParserXmlOpen(SvgLoaderData* loader, const char* content,
         sz = attrs - content;
         attrsLength = length - sz;
         while ((sz > 0) && (isspace(content[sz - 1]))) sz--;
-        if ((unsigned int)sz > sizeof(tagName)) return;
+        if ((unsigned int)sz >= sizeof(tagName)) return;
         strncpy(tagName, content, sz);
         tagName[sz] = '\0';
     }