* Refix export fbx PolygonVertexIndex
* Fix the function ColladaParser::ReadEffectColor when the flag ASSIMP_DOUBLE_PRESICION is enabled
* Fix the static function ReadLight in ColladaParser when the flag ASSIMP_DOUBLE_PRESICION is enabled
* Refactor of the call of the function fast_atoreal_move to the member of aiColor3D
* Fix the call of the function fast_atoreal_move when the flag ASSIMP_DOUBLE_PRESICION is enabled and and refactor
* Fix the call of the function fast_atoreal_move when the flag ASSIMP_DOUBLE_PRESICION is enabled
---------
Co-authored-by: Kim Kulling <kimkulling@users.noreply.github.com>
description:
- heap buffer overflow in AI_MD5_PARSE_STRING_IN_QUOTATION. An attacker could potentially exploit the vulnerability to cause a remote code execution,
if they can trick the victim into running assimp on a malformed MD5 file
fix:
- truncated the string to the maximum supported length, mitigating overflow
Co-authored-by: Vinz Spring <vinzs@amazon.de>
Co-authored-by: Kim Kulling <kimkulling@users.noreply.github.com>
* Harmonize Importer #includes
Some importers referred to their headers via `#include "AssetLib/[format]/[header.h"`, others via `#include "[header].h"`, others mixed both (e.g. IRR). This is a matter of taste, but it should at least be done the same way everywhere.
Most importers seem to prefer `#include "[header].h"`, so this commit enforces it.
Cross-referencing files from other importers is still done through `AssetLib/[format]`.
Assimp headers are not affected and I would advise against changing them, as this could lead to subtle collisions with user includes.
* went one too far
---------
Co-authored-by: Krishty <krishty@krishty.com>
Co-authored-by: Kim Kulling <kimkulling@users.noreply.github.com>
* Fix Whitespace
No functional changes. This commit removes trailing spaces, undesired line breaks, and formatting screwups.
* Remove more useless line breaks in license (500 out of 630 license copies do NOT use double line breaks here)
---------
Co-authored-by: Krishty <krishty@krishty.com>
Co-authored-by: Kim Kulling <kimkulling@users.noreply.github.com>
BaseImporter::SearchFileHeaderForToken() expected a pointer to a non-const token list. This was probably an oversight, as nobody would realistically expect the function to change the list. Furthermore, it prevented token lists from being compiled to read-only memory, in some cases even causing the compiler to generate thread-safe initialization.
The list is now const and all callers declare their token lists static const, thus compiling them to read-only memory.
The search for a matching importer had a few issues, see #3791. There were two different mechanisms to determine whether an importer accepts a specific file extension:
1. `aiImporterDesc::mFileExtensions`, which was forwarded to the UI via `BaseImporter::GetExtensionList()`.
2. `BaseImporter::CanRead()` when called with `checkSig == false`, which determines whether to actually use that importer.
Both were redundant and got out of sync repeatedly. I removed 2. completely and replaced it with 1., thereby syncing UI/import and shortening all `BaseImporter::CanRead()` implementations.
Further bugfixes:
- fixed glTF2 importer throwing exceptions when checking whether it can load a file
- removed `BaseImporter::SimpleExtensionCheck()` because it is no longer used and had a bug with case sensitivity
Since the `checkSig` parameter in `BaseImporter::CanRead()` is now useless, it can be removed completely. I’m not sure if this would break ABI compatiblity, so I’ll submit it with a later pull request.
