首頁 探索 說明
登入
software
/
assimp.assimp
镜像来自 https://github.com/assimp/assimp.git
2
0
複刻 0
Files 問題管理 0 Wiki
瀏覽代碼

Ply-Importer: Fix vulnerability (#5739)

Kim Kulling 1 年之前
父節點
edaf87f186
當前提交
1e09642382
共有 3 個文件被更改,包括 39 次插入0 次删除
分割檢視 顯示文件統計
  1. 3 0
      code/AssetLib/Ply/PlyLoader.cpp
  2. 30 0
      test/models/PLY/payload_JVN42386607
  3. 6 0
      test/unit/utPLYImportExport.cpp

+ 3 - 0
code/AssetLib/Ply/PlyLoader.cpp
查看文件 

@@ -448,6 +448,9 @@ void PLYImporter::LoadVertex(const PLY::Element *pcElement, const PLY::ElementIn
 
             mGeneratedMesh->mNumVertices = pcElement->NumOccur;
 
             mGeneratedMesh->mVertices = new aiVector3D[mGeneratedMesh->mNumVertices];
 
         }
 
+        if (pos >= mGeneratedMesh->mNumVertices) {
 
+            throw DeadlyImportError("Invalid .ply file: Too many vertices");
 
+        }
 
 
         mGeneratedMesh->mVertices[pos] = vOut;

File diff suppressed because it is too large
+ 30 - 0
test/models/PLY/payload_JVN42386607


+ 6 - 0
test/unit/utPLYImportExport.cpp
查看文件 

@@ -203,3 +203,9 @@ TEST_F(utPLYImportExport, parseInvalid) {
 
     const aiScene *scene = importer.ReadFile(ASSIMP_TEST_MODELS_DIR "/invalid/crash-30d6d0f7c529b3b66b4131700b7a4580cd7082df.ply", 0);
 
     EXPECT_EQ(nullptr, scene);
 
 }
 
+
 
+TEST_F(utPLYImportExport, payload_JVN42386607) {
 
+    Assimp::Importer importer;
 
+    const aiScene *scene = importer.ReadFile(ASSIMP_TEST_MODELS_DIR "/PLY/payload_JVN42386607", 0);
 
+   EXPECT_EQ(nullptr, scene);
 
+}

Some files were not shown because too many files changed in this diff