- Timestamp:
- 2017-02-02T01:22:52+01:00 (8 years ago)
- File:
-
- 1 edited
trunk/src/com/kitfox/svg/ImageSVG.java
r11525 r11526 115 115 { 116 116 URI src = sty.getURIValue(getXMLBase()); 117 // CVE-2017-5617: Allow only data scheme 117 118 if ("data".equals(src.getScheme())) 118 119 { 119 120 imageSrc = new URL(null, src.toASCIIString(), new Handler()); 120 } else121 {122 try123 {124 imageSrc = src.toURL();125 } catch (Exception e)126 {127 Logger.getLogger(SVGConst.SVG_LOGGER).log(Level.WARNING,128 "Could not parse xlink:href " + src, e);129 // e.printStackTrace();130 imageSrc = null;131 }132 121 } 133 122 } … … 137 126 } 138 127 139 diagram.getUniverse().registerImage(imageSrc); 140 141 //Set widths if not set 142 BufferedImage img = diagram.getUniverse().getImage(imageSrc); 143 if (img == null) 144 { 128 if (imageSrc != null) 129 { 130 diagram.getUniverse().registerImage(imageSrc); 131 132 //Set widths if not set 133 BufferedImage img = diagram.getUniverse().getImage(imageSrc); 134 if (img == null) 135 { 136 xform = new AffineTransform(); 137 bounds = new Rectangle2D.Float(); 138 return; 139 } 140 141 if (width == 0) 142 { 143 width = img.getWidth(); 144 } 145 if (height == 0) 146 { 147 height = img.getHeight(); 148 } 149 150 //Determine image xform 145 151 xform = new AffineTransform(); 146 bounds = new Rectangle2D.Float(); 147 return; 148 } 149 150 if (width == 0) 151 { 152 width = img.getWidth(); 153 } 154 if (height == 0) 155 { 156 height = img.getHeight(); 157 } 158 159 //Determine image xform 160 xform = new AffineTransform(); 161 // xform.setToScale(this.width / img.getWidth(), this.height / img.getHeight()); 162 // xform.translate(this.x, this.y); 163 xform.translate(this.x, this.y); 164 xform.scale(this.width / img.getWidth(), this.height / img.getHeight()); 152 xform.translate(this.x, this.y); 153 xform.scale(this.width / img.getWidth(), this.height / img.getHeight()); 154 } 165 155 166 156 bounds = new Rectangle2D.Float(this.x, this.y, this.width, this.height); … … 336 326 URI src = sty.getURIValue(getXMLBase()); 337 327 338 URL newVal; 328 URL newVal = null; 329 
// CVE-2017-5617: Allow only data scheme 339 330 if ("data".equals(src.getScheme())) 340 331 { 341 332 newVal = new URL(null, src.toASCIIString(), new Handler()); 342 } else343 {344 newVal = src.toURL();345 333 } 346 334 347 if ( !newVal.equals(imageSrc))335 if (newVal != null && !newVal.equals(imageSrc)) 348 336 { 349 337 imageSrc = newVal;
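Review bot: An `xlink:href` whose scheme is not `data` is now dropped without any trace in both places the check was added (new lines 117-121 and 329-333), so a document that tries to make the renderer load a remote or local resource leaves nothing for an operator to see. Consider an `else` that records the rejection with the scheme only, e.g. `Logger.getLogger(SVGConst.SVG_LOGGER).log(Level.WARNING, "Ignoring xlink:href with non-data scheme: " + src.getScheme());`, which keeps the rest of the document-supplied URI out of the log. In the last hunk `newVal` stays null for a rejected reference and the `newVal != null` guard then skips the update, so a previously loaded `imageSrc` appears to stay in place; if clearing it is intended, that needs an explicit branch. Both enclosing methods start and end outside the visible hunks, so whether `src` can be null before `src.getScheme()` cannot be confirmed from here.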