Re: Warning in svg_load_image

[Eli Zaretskii]

> From: Po Lu <luangruo@yahoo.com>
> Date: Mon, 21 Feb 2022 15:53:51 +0800
> 
> image.c: In function 'svg_load_image':
> image.c:10776:7: warning: '%f' directive output may be truncated writing 
> between 8 and 317 bytes into a region of size between 167 and 187 
> [-Wformat-truncation=]
>        "<svg xmlns:xlink=\"http://www.w3.org/1999/xlink\"; "
>        ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> image.c:10780:22: note: format string is defined here
>        "viewBox=\"0 0 %f %f\">"
>                       ^~
> image.c:10776:7: note: directive argument in the range [0, 16777215]
>        "<svg xmlns:xlink=\"http://www.w3.org/1999/xlink\"; "
>        ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> image.c:10776:7: note: assuming directive output of 1 byte
> image.c:10802:24: note: 'snprintf' output 330 or more bytes (assuming 331) 
> into a destination of size 383
>      if (buffer_size <= snprintf (wrapped_contents, buffer_size, wrapper,
>                         ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>       foreground & 0xFFFFFF, width, height,
>       ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>       viewbox_width, viewbox_height,
>       ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>       background & 0xFFFFFF,
>       ~~~~~~~~~~~~~~~~~~~~~~
>       SSDATA (encoded_contents)))
>       ~~~~~~~~~~~~~~~~~~~~~~~~~~
> 
> Does anyone want to fix this?

Not really, but does the below fix these, by chance?

diff --git a/src/image.c b/src/image.c
index e2ba744..02b58b9 100644
--- a/src/image.c
+++ b/src/image.c
@@ -10632,9 +10632,9 @@ svg_load_image (struct frame *f, struct image *img, 
char *contents,
       strncpy (css, SSDATA (lcss), SBYTES (lcss));
       *(css + SBYTES (lcss) + 1) = 0;
     }
-#endif
+#endif /* LIBRSVG >= 2.48.0 */
 
-#else
+#else  /* LIBRSVG < 2.32.0 */
   /* Make a handle to a new rsvg object.  */
   rsvg_handle = rsvg_handle_new ();
   eassume (rsvg_handle);
@@ -10657,7 +10657,7 @@ svg_load_image (struct frame *f, struct image *img, 
char *contents,
      it for further writes.  */
   rsvg_handle_close (rsvg_handle, &err);
   if (err) goto rsvg_error;
-#endif
+#endif /* LIBRSVG 2.32.0 */
 
   /* Get the image dimensions.  */
 #if LIBRSVG_CHECK_VERSION (2, 46, 0)
@@ -10727,13 +10727,13 @@ svg_load_image (struct frame *f, struct image *img, 
char *contents,
          viewbox_height = viewbox.y + viewbox.height;
        }
     }
-#else
+#else  /* LIBRSVG < 2.46.0 */
   /* In librsvg before 2.46.0, guess the viewbox from the image dimensions.  */
   RsvgDimensionData dimension_data;
   rsvg_handle_get_dimensions (rsvg_handle, &dimension_data);
   viewbox_width = dimension_data.width;
   viewbox_height = dimension_data.height;
-#endif
+#endif /* LIBRSVG < 2.46.0 */
 
 #ifdef HAVE_NATIVE_TRANSFORMS
   compute_image_size (viewbox_width, viewbox_height, img,
@@ -10777,7 +10777,7 @@ svg_load_image (struct frame *f, struct image *img, 
char *contents,
       "xmlns:xi=\"http://www.w3.org/2001/XInclude\"; "
       "style=\"color: #%06X; fill: currentColor;\" "
       "width=\"%d\" height=\"%d\" preserveAspectRatio=\"none\" "
-      "viewBox=\"0 0 %f %f\">"
+      "viewBox=\"0 0 %.0f %.0f\">"
       "<rect width=\"100%%\" height=\"100%%\" fill=\"#%06X\"/>"
       "<xi:include href=\"data:image/svg+xml;base64,%s\"></xi:include>"
       "</svg>";
@@ -10801,7 +10801,9 @@ svg_load_image (struct frame *f, struct image *img, 
char *contents,
 
     if (buffer_size <= snprintf (wrapped_contents, buffer_size, wrapper,
                                 foreground & 0xFFFFFF, width, height,
-                                viewbox_width, viewbox_height,
+                                /* Sanitize the viewBox dimensions.  */
+                                min (viewbox_width, 10000.),
+                                min (viewbox_height, 10000.),
                                 background & 0xFFFFFF,
                                 SSDATA (encoded_contents)))
       goto rsvg_error;