Fix possible out of bounds reading.

author John Preston <johnprestonmail@gmail.com>

Sun, 1 Sep 2019 09:03:18 +0000 (12:03 +0300)

committer Jongmin Lee <jm105.lee@samsung.com>

Sun, 22 Sep 2019 21:53:45 +0000 (06:53 +0900)
author John Preston <johnprestonmail@gmail.com>
Sun, 1 Sep 2019 09:03:18 +0000 (12:03 +0300)
committer Jongmin Lee <jm105.lee@samsung.com>
Sun, 22 Sep 2019 21:53:45 +0000 (06:53 +0900)
diff --git a/src/lottie/lottieparser.cpp b/src/lottie/lottieparser.cpp

index 85696b7..622cf2b 100644 (file)
--- a/src/lottie/lottieparser.cpp
+++ b/src/lottie/lottieparser.cpp
@@ -771,10 +771,7 @@ LottieColor LottieParserImpl::toColor(const char *str)
  
      // some resource has empty color string
      // return a default color for those cases.
-    if (!len) return color;
-
-    RAPIDJSON_ASSERT(len == 7);
-    RAPIDJSON_ASSERT(str[0] == '#');
+    if (len != 7 || str[0] != '#') return color;
  
      char tmp[3] = {'\0', '\0', '\0'};
      tmp[0] = str[1];
author	John Preston <johnprestonmail@gmail.com>
	Sun, 1 Sep 2019 09:03:18 +0000 (12:03 +0300)
committer	Jongmin Lee <jm105.lee@samsung.com>
	Sun, 22 Sep 2019 21:53:45 +0000 (06:53 +0900)