From f9d82c2c28bdddb539e3148b6c2ef0afa1512e9c Mon Sep 17 00:00:00 2001 From: JunsuChoi Date: Mon, 12 Jul 2021 10:14:51 +0900 Subject: [PATCH] svg_loader SvgLoader: Fix memory leak of duplicate declared id Duplicate declaration of id attribute is invaild. We do not have a separate policy for invalid svg files. Therefore, it is a priority to prevent crashes or memory leaks. If an id is declared as duplicate, the last declared id is used. --- src/loaders/svg/tvgSvgLoader.cpp | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/src/loaders/svg/tvgSvgLoader.cpp b/src/loaders/svg/tvgSvgLoader.cpp index 092c327b..b120ca45 100644 --- a/src/loaders/svg/tvgSvgLoader.cpp +++ b/src/loaders/svg/tvgSvgLoader.cpp @@ -990,6 +990,7 @@ static bool _attrParseGNode(void* data, const char* key, const char* value) } else if (!strcmp(key, "transform")) { node->transform = _parseTransformationMatrix(value); } else if (!strcmp(key, "id")) { + if (node->id && value) delete node->id; node->id = _copyId(value); } else if (!strcmp(key, "clip-path")) { _handleClipPathAttr(loader, node, value); @@ -1015,6 +1016,7 @@ static bool _attrParseClipPathNode(void* data, const char* key, const char* valu } else if (!strcmp(key, "transform")) { node->transform = _parseTransformationMatrix(value); } else if (!strcmp(key, "id")) { + if (node->id && value) delete node->id; node->id = _copyId(value); } else { return _parseStyleAttr(loader, key, value, false); @@ -1033,6 +1035,7 @@ static bool _attrParseMaskNode(void* data, const char* key, const char* value) } else if (!strcmp(key, "transform")) { node->transform = _parseTransformationMatrix(value); } else if (!strcmp(key, "id")) { + if (node->id && value) delete node->id; node->id = _copyId(value); } else { return _parseStyleAttr(loader, key, value, false); @@ -1175,6 +1178,7 @@ static bool _attrParsePathNode(void* data, const char* key, const char* value) } else if (!strcmp(key, "mask")) { _handleMaskAttr(loader, node, value); } else if (!strcmp(key, "id")) { + if (node->id && value) delete node->id; node->id = _copyId(value); } else { return _parseStyleAttr(loader, key, value, false); @@ -1234,6 +1238,7 @@ static bool _attrParseCircleNode(void* data, const char* key, const char* value) } else if (!strcmp(key, "mask")) { _handleMaskAttr(loader, node, value); } else if (!strcmp(key, "id")) { + if (node->id && value) delete node->id; node->id = _copyId(value); } else { return _parseStyleAttr(loader, key, value, false); @@ -1287,6 +1292,7 @@ static bool _attrParseEllipseNode(void* data, const char* key, const char* value } if (!strcmp(key, "id")) { + if (node->id && value) delete node->id; node->id = _copyId(value); } else if (!strcmp(key, "style")) { return simpleXmlParseW3CAttribute(value, _parseStyleAttr, loader); @@ -1370,6 +1376,7 @@ static bool _attrParsePolygonNode(void* data, const char* key, const char* value } else if (!strcmp(key, "mask")) { _handleMaskAttr(loader, node, value); } else if (!strcmp(key, "id")) { + if (node->id && value) delete node->id; node->id = _copyId(value); } else { return _parseStyleAttr(loader, key, value, false); @@ -1443,6 +1450,7 @@ static bool _attrParseRectNode(void* data, const char* key, const char* value) } if (!strcmp(key, "id")) { + if (node->id && value) delete node->id; node->id = _copyId(value); } else if (!strcmp(key, "style")) { ret = simpleXmlParseW3CAttribute(value, _parseStyleAttr, loader); @@ -1505,6 +1513,7 @@ static bool _attrParseLineNode(void* data, const char* key, const char* value) } if (!strcmp(key, "id")) { + if (node->id && value) delete node->id; node->id = _copyId(value); } else if (!strcmp(key, "style")) { return simpleXmlParseW3CAttribute(value, _parseStyleAttr, loader); @@ -1574,6 +1583,7 @@ static bool _attrParseImageNode(void* data, const char* key, const char* value) if (!strcmp(key, "href") || !strcmp(key, "xlink:href")) { image->href = _idFromHref(value); } else if (!strcmp(key, "id")) { + if (node->id && value) delete node->id; node->id = _copyId(value); } else if (!strcmp(key, "style")) { return simpleXmlParseW3CAttribute(value, _parseStyleAttr, loader);