Fix Svace issue & Memory leak 93/125493/2
authorMoonhee Choi <mh0310.choi@samsung.com>
Wed, 12 Apr 2017 06:32:06 +0000 (15:32 +0900)
committerMoonhee Choi <mh0310.choi@samsung.com>
Tue, 18 Apr 2017 07:25:50 +0000 (16:25 +0900)
 - # of Svace : 39967 related to strcpy (Secure issue)

Change-Id: I8e9092986331fa64d08ca0ff2f5979d94b70a203
Signed-off-by: Moonhee Choi <mh0310.choi@samsung.com>
src/cairo-cff-subset.c
src/cairo-evas-gl-context.c

index da49e8e..ca1437e 100644 (file)
@@ -51,6 +51,7 @@
 
 #include "cairo-scaled-font-subsets-private.h"
 #include "cairo-truetype-subset-private.h"
+#include <stdio.h>
 #include <string.h>
 #include <locale.h>
 
@@ -331,7 +332,12 @@ decode_real (unsigned char *p, double *real)
         buf = buffer2 + (q - buffer);
         strncpy (buf, decimal_point, decimal_point_len);
         buf += decimal_point_len;
-        strcpy (buf, q + 1);
+
+       //(2017.04.17) Since securitY issue, replace strcpy to strncpy.
+       //strcpy (buf, q + 1);
+         strncpy (buf, q + 1, (buffer + sizeof(buffer)/sizeof(buffer[0])) - (q + 1));
+       //same as strncpy (buf, q + 1, 100 - (q + 1));
+
         buf = buffer2;
     }
 
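Review bot: The length passed to the new `strncpy` is the space left in the source array `buffer` after `q + 1`, not the space left in the destination `buffer2`, so the write is still not bounded by the buffer being written to, which is what the strcpy finding is about. `strncpy` also leaves the destination unterminated when the source fills the whole count. Since this commit already adds `<stdio.h>`, `snprintf (buf, (size_t) (buffer2 + sizeof (buffer2) - buf), "%s", q + 1);` would bound the copy by the destination and always terminate it, assuming `buffer2` is an array in scope here (its declaration and the start of `decode_real` are outside the hunk). The commented-out `strcpy` and the `100 - (q + 1)` comment, which subtracts a pointer from an integer, should be dropped rather than kept in the source.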
index 10d6808..433aafd 100755 (executable)
@@ -304,7 +304,7 @@ cairo_evas_gl_device_create (Evas_GL *evas_gl,
     ctx->dummy_surface = evas_gl_pbuffer_surface_create (ctx->evas_gl,
                                                         evas_cfg,
                                                         1, 1, NULL);
-    //evas_gl_config_free (evas_cfg);
+    evas_gl_config_free (evas_cfg);
 
     if (ctx->dummy_surface == NULL) {
         free (ctx);
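Review bot: Nothing in the hunk shows why `evas_gl_config_free (evas_cfg)` had been commented out, so re-enabling it needs a check that no later code in `cairo_evas_gl_device_create` reads `evas_cfg` and that `evas_gl_pbuffer_surface_create` does not keep the pointer; otherwise the leak fix becomes a use after free. The function starts and ends outside the hunk, so this cannot be confirmed from the lines shown. A short comment such as `/* evas_cfg is only needed to create the dummy surface */` above the call would record the lifetime assumption, and any earlier failure return taken after the config is allocated should release it the same way.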