X-Git-Url: http://review.tizen.org/git/?p=platform%2Fcore%2Fuifw%2Fdali-toolkit.git;a=blobdiff_plain;f=dali-toolkit%2Fthird-party%2Fnanosvg%2Fnanosvg.cc;h=603f97739781714722fb79669afc786980299716;hp=1022a981aed642e71549c3000c413526c4dec937;hb=88a10b222636eadf16159e0df5812aeb94e747b4;hpb=0423ef73b9c0eb368da612b0ae59f804f39885c6
diff --git a/dali-toolkit/third-party/nanosvg/nanosvg.cc b/dali-toolkit/third-party/nanosvg/nanosvg.cc
index 1022a98..603f977 100644
--- a/dali-toolkit/third-party/nanosvg/nanosvg.cc
+++ b/dali-toolkit/third-party/nanosvg/nanosvg.cc
@@ -2753,14 +2753,21 @@ NSVGimage* nsvgParse(char* input, const char* units, float dpi)
 NSVGimage* nsvgParseFromFile(const char* filename, const char* units, float dpi)
 {
 FILE* fp = NULL;
- size_t size;
+ size_t size = 0;
+ long value = 0;
 char* data = NULL;
 NSVGimage* image = NULL;

 fp = fopen(filename, "rb");
 if (!fp) goto error;
 fseek(fp, 0, SEEK_END);
- size = ftell(fp);
+ value = ftell(fp);
+ /**
+ * In the original file, unsigned long type 'size' gets a return value. But, the return value of 'ftell()' is
+ * signed long type. To prevent interpreting an unexpected large value, we put the comparitive condition here.
+ */
+ if( value < 0 ) goto error;
+ size = value;
 fseek(fp, 0, SEEK_SET);
 data = (char*)malloc(size+1);
 if (data == NULL) goto error;
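Review bot: The added `if( value < 0 ) goto error;` closes the ftell() failure path, but `value` still has no upper bound before `malloc(size+1)`, and the results of both `fseek()` calls are still ignored. If SVG files can come from outside the application, consider rejecting oversized input at the same guard, e.g. `if (value < 0 || value > MAX_SVG_BYTES) goto error;` (MAX_SVG_BYTES is a placeholder for a project-chosen limit), and checking the seek with `if (fseek(fp, 0, SEEK_END) != 0) goto error;`. The comment above the guard would read better as a one-line statement of the invariant, such as `/* ftell() returns -1 on failure; do not let it convert to a huge size_t */`, and "comparitive" is misspelled. The body of nsvgParseFromFile continues past the end of the hunk, so the read and the `error` label are not visible here.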