diff options
author | Thomas Martitz <kugel@rockbox.org> | 2014-01-12 23:13:45 +0100 |
---|---|---|
committer | Thomas Martitz <kugel@rockbox.org> | 2014-01-12 23:13:45 +0100 |
commit | 4e1c690ea7b2163f64e3ca9dc25ca69bc75ee433 (patch) | |
tree | d41200f80f1437bc6e33f646f7d135e5f3041f97 | |
parent | d243e7e7fe0564a10da6d8738a9b101cc50aad23 (diff) | |
download | rockbox-4e1c690.tar.gz rockbox-4e1c690.zip |
skin_engine: Stricter checking for x, y, width, height for bar tags.
Every theme that doesn't parse anymore now has broken values. I hope it's not
too many of them.
Change-Id: I6f52e55dc9197d0919f854240723a88f99c0b7da
-rw-r--r-- | apps/gui/skin_engine/skin_parser.c | 21 |
1 files changed, 17 insertions, 4 deletions
diff --git a/apps/gui/skin_engine/skin_parser.c b/apps/gui/skin_engine/skin_parser.c index 06b37d875c..a76a06ac61 100644 --- a/apps/gui/skin_engine/skin_parser.c +++ b/apps/gui/skin_engine/skin_parser.c @@ -922,30 +922,43 @@ static int parse_progressbar_tag(struct skin_element* element, /* (x, y, width, height, ...) */ if (!isdefault(param)) + { pb->x = param->data.number; + if (pb->x < 0 || pb->x >= vp->width) + return WPS_ERROR_INVALID_PARAM; + } else pb->x = 0; param++; if (!isdefault(param)) + { pb->y = param->data.number; + if (pb->y < 0 || pb->y >= vp->height) + return WPS_ERROR_INVALID_PARAM; + } else pb->y = -1; /* computed at rendering */ param++; if (!isdefault(param)) + { pb->width = param->data.number; + if (pb->width <= 0 || (pb->x + pb->width) > vp->width) + return WPS_ERROR_INVALID_PARAM; + } else pb->width = vp->width - pb->x; param++; if (!isdefault(param)) { - /* A zero height makes no sense - reject it */ - if (param->data.number == 0) - return WPS_ERROR_INVALID_PARAM; - + int max; pb->height = param->data.number; + /* include y in check only if it was non-default */ + max = (pb->y > 0) ? pb->y + pb->height : pb->height; + if (pb->height <= 0 || max > vp->height) + return WPS_ERROR_INVALID_PARAM; } else { |