mirror-games/glest-source
1
0
Fork 0
mirror of https://github.com/glest/glest-source.git synced 2025-08-28 18:29:48 +02:00
Code Issues Projects Releases Wiki Activity

g2xml.c:fix CWE-606:Unchecked Input for Loop Condition

Browse Source
This commit is contained in:
andy5995
2018-09-27 13:52:18 -05:00
parent 62e3819d86
commit 5a49a4492e
1 changed files with 10 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
source/tools/glexemel/g2xml.c
View File

@@ -23,7 +23,12 @@
#define FALSE 0
#endif
/*
* Set a boundary on the indexCount
* to prevent
* CWE-606: Unchecked Input for Loop Condition
*/
#define INDEX_COUNT_MAX 10000
/**
* Forward function declarations.
@@ -311,6 +316,10 @@ int g3d2xml(FILE *infile, FILE *outfile) {
/* read / write face indices */
nBytes = sizeof(uint32)*meshHeader.indexCount;
if (meshHeader.indexCount > INDEX_COUNT_MAX) {
printf ("Index Count exceeds INDEX_COUNT_MAX (%u)\n", INDEX_COUNT_MAX);
return FALSE;
}
idata = malloc(nBytes);
if (idata == NULL) {
printf("Could not allocate buffer!\n");