From 9a013637bbe7c35dc90cb28ff874da99133a1f8b Mon Sep 17 00:00:00 2001
From: Jean-Marc Lasgouttes
Date: Fri, 10 Mar 2017 16:29:09 +0100
Subject: [PATCH] Experiment: limit size of strings read from lib/symbols
Coverity complains that we might read strings that are arbitrary large, and that this can be a security issue. This is a problem in particular, when we feed these strings to from_utf8(), which coverity flags as dangerous for some reason. The best solution would be IMO to model from_utf8() properly, but I do not know how to do that. Here I try a different solution, where I cannot read a string larger than 64k from the file. Let's see whether this removes part of coverity warnings.
---
 src/mathed/MathFactory.cpp | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/src/mathed/MathFactory.cpp b/src/mathed/MathFactory.cpp
index 3198f80de6..2cd045b0cc 100644
--- a/src/mathed/MathFactory.cpp
+++ b/src/mathed/MathFactory.cpp
@@ -74,6 +74,7 @@
 #include "LyX.h" // use_gui
 #include "OutputParams.h"
+#include
 using namespace std;
 using namespace lyx::support;
@@ -188,7 +189,7 @@ void initSymbols()
 string extra;
 string xmlname;
 bool hidden = false;
- is >> macro >> requires;
+ is >> setw(65536) >> macro >> requires;
 if ((is >> xmlname)) {
 extra = requires;
 if (!(is >> requires))
--
2.39.2
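Review bot: In the second hunk only `macro` is bounded by `is >> setw(65536) >> macro >> requires;`, because the stream width set by `setw` is reset to 0 after each string extraction. `requires` on that line and the later `is >> xmlname` and `is >> requires` reads remain unlimited, so the 64k cap described in the commit message does not cover them. Repeating the manipulator before every extraction closes the gap: `is >> setw(65536) >> macro >> setw(65536) >> requires;`, `if ((is >> setw(65536) >> xmlname)) {` and `if (!(is >> setw(65536) >> requires))`, ideally with the limit in a named constant rather than a repeated literal. The body of `initSymbols()` starts and ends outside the hunk, so how `is` is constructed is not visible here; if it wraps a whole line read from the file, the size of that line presumably also needs a bound for the limit to be effective.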