Update nanosvg library to latest upstream version
commit ccdb1995134d340a93fb20e3a3d323ccb3838dd0 Merge: 3cdd4a9 419782d Author: Mikko Mononen <memononen@gmail.com> Date: Fri Sep 3 21:24:42 2021 +0300 Merge pull request #198 from ctrlcctrlv/CVE_2019_1000032 Fix decimal values in color fields (nsvg__parseColorRGB, nsvg__parseColorHex)
This commit is contained in:
parent
828d3dd722
commit
a774e120bc
@ -6,12 +6,12 @@ about the current versions of all bundled libraries and about how to
|
|||||||
upgrade these bundled libraries.
|
upgrade these bundled libraries.
|
||||||
|
|
||||||
|
|
||||||
Current versions of bundled libraries (as of Feb 25, 2021):
|
Current versions of bundled libraries (as of Sep 13, 2021):
|
||||||
|
|
||||||
Library Version Release date FLTK Version
|
Library Version Release date FLTK Version
|
||||||
--------------------------------------------------------------------------
|
--------------------------------------------------------------------------
|
||||||
jpeg jpeg-9d 2020-01-12 1.4.0
|
jpeg jpeg-9d 2020-01-12 1.4.0
|
||||||
nanosvg a1eea27b3d [1] 2021-02-21 1.4.0
|
nanosvg 461ad7de70 [1] 2021-09-13 1.4.0
|
||||||
png libpng-1.6.37 2019-04-14 1.4.0
|
png libpng-1.6.37 2019-04-14 1.4.0
|
||||||
zlib zlib-1.2.11 2017-01-15 1.4.0
|
zlib zlib-1.2.11 2017-01-15 1.4.0
|
||||||
--------------------------------------------------------------------------
|
--------------------------------------------------------------------------
|
||||||
@ -26,7 +26,7 @@ Previous versions of bundled libraries:
|
|||||||
--------------------------------------------------------------------------
|
--------------------------------------------------------------------------
|
||||||
|
|
||||||
|
|
||||||
[1] Git commit in: https://github.com/fltk/nanosvg
|
[1] Git commit in branch 'fltk' of https://github.com/fltk/nanosvg
|
||||||
See also git tag 'fltk_yyyy-mm-dd' where yyyy-mm-dd == "Release date"
|
See also git tag 'fltk_yyyy-mm-dd' where yyyy-mm-dd == "Release date"
|
||||||
and file nanosvg/README.txt.
|
and file nanosvg/README.txt.
|
||||||
|
|
||||||
|
@ -22,38 +22,34 @@ For more information see README.bundled-libs.txt in FLTK's root directory.
|
|||||||
Changes in the FLTK fork, branch 'fltk':
|
Changes in the FLTK fork, branch 'fltk':
|
||||||
-----------------------------------------
|
-----------------------------------------
|
||||||
|
|
||||||
$ git show --no-patch fltk_2021-02-22
|
$ git show --no-patch fltk_2021-09-13
|
||||||
tag fltk_2021-02-22
|
tag fltk_2021-09-13
|
||||||
Tagger: Albrecht Schlosser <...>
|
Tagger: Albrecht Schlosser <albrechts.fltk@online.de>
|
||||||
Date: Mon Feb 22 14:16:58 2021 +0100
|
Date: Mon Sep 13 19:09:40 2021 +0200
|
||||||
|
|
||||||
Included in FLTK 1.4.x as of Feb 22, 2021
|
FLTK modifications as of Sep 13, 2021:
|
||||||
|
|
||||||
Latest upstream changes:
|
$ git shortlog master..fltk
|
||||||
------------------------
|
AlbrechtS (2):
|
||||||
|
|
||||||
commit 3e403ec72a9145cbbcc6c63d94a4caf079aafec2
|
|
||||||
Merge: cc6c08d 45eb9f8
|
|
||||||
Author: Mikko Mononen <...>
|
|
||||||
Date: Fri Nov 20 12:53:11 2020 +0200
|
|
||||||
|
|
||||||
Merge pull request #189 from fvogelnew1/Fix-for-#188
|
|
||||||
|
|
||||||
Update nanosvg.h
|
|
||||||
|
|
||||||
Changes in branch 'fltk':
|
|
||||||
|
|
||||||
$ git shortlog master..fltk
|
|
||||||
|
|
||||||
AlbrechtS (2):
|
|
||||||
Fix Visual Studio compilation error (missing long long).
|
Fix Visual Studio compilation error (missing long long).
|
||||||
Modify rasterizer to support non-square X,Y axes scaling.
|
Modify rasterizer to support non-square X,Y axes scaling.
|
||||||
|
|
||||||
Greg Ercolano (1):
|
Greg Ercolano (1):
|
||||||
Address crash defined in fltk's issue 180
|
Clip integer RGB percent values > 100
|
||||||
|
|
||||||
commit a1eea27b3db2d15d924ea823dd0acc5bd2aa56f1
|
Latest upstream commit (master):
|
||||||
Author: Greg Ercolano <...>
|
|
||||||
|
commit ccdb1995134d340a93fb20e3a3d323ccb3838dd0
|
||||||
|
Merge: 3cdd4a9 419782d
|
||||||
|
Author: Mikko Mononen <memononen@gmail.com>
|
||||||
|
Date: Fri Sep 3 21:24:42 2021 +0300
|
||||||
|
|
||||||
|
Merge pull request #198 from ctrlcctrlv/CVE_2019_1000032
|
||||||
|
|
||||||
|
Fix decimal values in color fields (nsvg__parseColorRGB, nsvg__parseColorHex)
|
||||||
|
|
||||||
|
commit 461ad7de70d5fd3f09fc214e4baaadb830a2a270 (HEAD -> fltk, tag: fltk_2021-09-13, origin/fltk, origin/HEAD)
|
||||||
|
Author: Greg Ercolano <erco@seriss.com>
|
||||||
Date: Mon Jan 18 15:05:13 2021 -0800
|
Date: Mon Jan 18 15:05:13 2021 -0800
|
||||||
|
|
||||||
Address crash defined in fltk's issue 180
|
Clip integer RGB percent values > 100
|
||||||
|
@ -1223,25 +1223,23 @@ static const char* nsvg__getNextPathItem(const char* s, char* it)
|
|||||||
|
|
||||||
static unsigned int nsvg__parseColorHex(const char* str)
|
static unsigned int nsvg__parseColorHex(const char* str)
|
||||||
{
|
{
|
||||||
// FLTK: Solve fltk issue#180 / CVE-2019-1000032
|
|
||||||
unsigned int r=0, g=0, b=0;
|
unsigned int r=0, g=0, b=0;
|
||||||
if (sscanf(str, "#%2x%2x%2x", &r, &g, &b) == 3 ) // 2 digit hex
|
if (sscanf(str, "#%2x%2x%2x", &r, &g, &b) == 3 ) // 2 digit hex
|
||||||
return NSVG_RGB(r, g, b);
|
return NSVG_RGB(r, g, b);
|
||||||
if (sscanf(str, "#%1x%1x%1x", &r, &g, &b) == 3 ) // 1 digit hex, e.g. #abc -> 0xccbbaa
|
if (sscanf(str, "#%1x%1x%1x", &r, &g, &b) == 3 ) // 1 digit hex, e.g. #abc -> 0xccbbaa
|
||||||
return NSVG_RGB(r*17, g*17, b*17); // has same effect as (r<<4|r), (g<<4|g), ..
|
return NSVG_RGB(r*17, g*17, b*17); // same effect as (r<<4|r), (g<<4|g), ..
|
||||||
return NSVG_RGB(128, 128, 128);
|
return NSVG_RGB(128, 128, 128);
|
||||||
}
|
}
|
||||||
|
|
||||||
static unsigned int nsvg__parseColorRGB(const char* str)
|
static unsigned int nsvg__parseColorRGB(const char* str)
|
||||||
{
|
{
|
||||||
// FLTK: Solve fltk issue#180 / CVE-2019-1000032
|
|
||||||
unsigned int r=0, g=0, b=0;
|
unsigned int r=0, g=0, b=0;
|
||||||
if (sscanf(str, "rgb(%u, %u, %u)", &r, &g, &b) == 3) // decimal integers
|
if (sscanf(str, "rgb(%u, %u, %u)", &r, &g, &b) == 3) // decimal integers
|
||||||
return NSVG_RGB(r, g, b);
|
return NSVG_RGB(r, g, b);
|
||||||
if (sscanf(str, "rgb(%u%%, %u%%, %u%%)", &r, &g, &b) == 3) { // decimal integer percentage
|
if (sscanf(str, "rgb(%u%%, %u%%, %u%%)", &r, &g, &b) == 3) { // decimal integer percentage
|
||||||
r = (r <= 100) ? ((r*255)/100) : 255; // clip percentages >100
|
r = (r <= 100) ? ((r*255)/100) : 255; // FLTK: clip percentages >100
|
||||||
g = (g <= 100) ? ((g*255)/100) : 255;
|
g = (g <= 100) ? ((g*255)/100) : 255;
|
||||||
b = (b <= 100) ? ((b*255)/100) : 255;
|
b = (b <= 100) ? ((b*255)/100) : 255;
|
||||||
return NSVG_RGB(r, g, b);
|
return NSVG_RGB(r, g, b);
|
||||||
}
|
}
|
||||||
return NSVG_RGB(128, 128, 128);
|
return NSVG_RGB(128, 128, 128);
|
||||||
@ -2188,7 +2186,12 @@ static void nsvg__pathArcTo(NSVGparser* p, float* cpx, float* cpy, float* args,
|
|||||||
// The loop assumes an iteration per end point (including start and end), this +1.
|
// The loop assumes an iteration per end point (including start and end), this +1.
|
||||||
ndivs = (int)(fabsf(da) / (NSVG_PI*0.5f) + 1.0f);
|
ndivs = (int)(fabsf(da) / (NSVG_PI*0.5f) + 1.0f);
|
||||||
hda = (da / (float)ndivs) / 2.0f;
|
hda = (da / (float)ndivs) / 2.0f;
|
||||||
kappa = fabsf(4.0f / 3.0f * (1.0f - cosf(hda)) / sinf(hda));
|
// Fix for ticket #179: division by 0: avoid cotangens around 0 (infinite)
|
||||||
|
if ((hda < 1e-3f) && (hda > -1e-3f))
|
||||||
|
hda *= 0.5f;
|
||||||
|
else
|
||||||
|
hda = (1.0f - cosf(hda)) / sinf(hda);
|
||||||
|
kappa = fabsf(4.0f / 3.0f * hda);
|
||||||
if (da < 0.0f)
|
if (da < 0.0f)
|
||||||
kappa = -kappa;
|
kappa = -kappa;
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user