svgio/source/svgreader/svgstyleattributes.cxx | 8 +++++++-
1 file changed, 7 insertions(+), 1 deletion(-)
New commits:
commit 21e0a2658a565b5359703670ad9a709b232a4a27
Author: Caolán McNamara <caolan.mcnam...@collabora.com>
AuthorDate: Sat May 4 20:36:24 2024 +0100
Commit: Caolán McNamara <caolan.mcnam...@collabora.com>
CommitDate: Sun May 5 01:09:18 2024 +0200
crashtesting: assert with stroke width of 4.86057e+93
on import attempt of moz1322643-3.svg
Change-Id: I5f18601767212c1eb7453aacbad076099a2a5b46
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/167142
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caolan.mcnam...@collabora.com>
diff --git a/svgio/source/svgreader/svgstyleattributes.cxx
b/svgio/source/svgreader/svgstyleattributes.cxx
index 0253aa42e071..5da9ea7c4d3c 100644
--- a/svgio/source/svgreader/svgstyleattributes.cxx
+++ b/svgio/source/svgreader/svgstyleattributes.cxx
@@ -672,9 +672,15 @@ namespace svgio::svgreader
// get stroke width; SVG does not use 0.0 == hairline, so 0.0 is
no line at all
const double fStrokeWidth(getStrokeWidth().isSet() ?
getStrokeWidth().solve(mrOwner) : 1.0);
- if(!basegfx::fTools::more(fStrokeWidth, 0.0))
+ if (!basegfx::fTools::more(fStrokeWidth, 0.0))
return;
+ if (fStrokeWidth > std::numeric_limits<sal_Int32>::max())
+ {
+ SAL_WARN("svgio", "ignoring ludicrous stroke width: " <<
fStrokeWidth);
+ return;
+ }
+
drawinglayer::primitive2d::Primitive2DReference aNewLinePrimitive;
// if we have a line with two identical points it is not really a
line,
