]> git.saurik.com Git - wxWidgets.git/blobdiff - src/common/imagxpm.cpp
fixing overrelease and out-of-bounds write, fixes #13725
[wxWidgets.git] / src / common / imagxpm.cpp
index 3f1caeaf46a07610a520c1b70674ffc7341f767e..17ec2b91434b7363a4e6345df6a459a545588fdc 100644 (file)
@@ -97,12 +97,51 @@ bool wxXPMHandler::LoadFile(wxImage *image,
     wxXPMDecoder decoder;
 
     wxImage img = decoder.ReadFile(stream);
-    if ( !img.Ok() )
+    if ( !img.IsOk() )
         return false;
     *image = img;
     return true;
 }
 
+namespace
+{
+
+// Make the given string a valid C identifier.
+//
+// All invalid characters are simply replaced by underscores and underscore is
+// also prepended in the beginning if the initial character is not alphabetic.
+void
+MakeValidCIdent(wxString* str)
+{
+    const wxChar chUnderscore = wxT('_');
+
+    for ( wxString::iterator it = str->begin(); it != str->end(); ++it )
+    {
+        const wxChar ch = *it;
+        if ( wxIsdigit(ch) )
+        {
+            if ( it == str->begin() )
+            {
+                // Identifiers can't start with a digit.
+                str->insert(0, chUnderscore); // prepend underscore
+                it = str->begin(); // restart as string changed
+                continue;
+            }
+        }
+        else if ( !wxIsalpha(ch) && ch != chUnderscore )
+        {
+            // Not a valid character in C identifiers.
+            *it = chUnderscore;
+        }
+    }
+
+    // Double underscores are not allowed in normal C identifiers and are
+    // useless anyhow.
+    str->Replace(wxT("__"), wxT("_"));
+}
+
+} // anonymous namespace
+
 bool wxXPMHandler::SaveFile(wxImage * image,
                             wxOutputStream& stream, bool WXUNUSED(verbose))
 {
@@ -124,8 +163,8 @@ bool wxXPMHandler::SaveFile(wxImage * image,
     wxString sName;
     if ( image->HasOption(wxIMAGE_OPTION_FILENAME) )
     {
-        wxFileName::SplitPath(image->GetOption(wxIMAGE_OPTION_FILENAME),
-                              NULL, &sName, NULL);
+        sName = wxFileName(image->GetOption(wxIMAGE_OPTION_FILENAME)).GetName();
+        MakeValidCIdent(&sName);
         sName << wxT("_xpm");
     }
 
@@ -218,6 +257,7 @@ bool wxXPMHandler::DoCanRead(wxInputStream& stream)
 {
     wxXPMDecoder decoder;
     return decoder.CanRead(stream);
+         // it's ok to modify the stream position here
 }
 
 #endif  // wxUSE_STREAMS