diff options
author | RĂ©mi Verschelde <rverschelde@gmail.com> | 2018-08-14 15:47:34 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2018-08-14 15:47:34 +0200 |
commit | 9a6e4d10b495211d68088806e45bdf1242244c7c (patch) | |
tree | af65a8405bd83ff3723a798b593d57a40c78ae33 | |
parent | 8c38bab6d719bc2e49f4826330529278f18e7ae5 (diff) | |
parent | f3b2689aa6fdc8dd4ab01fdded7fd94a5e998a4c (diff) |
Merge pull request #20772 from dragmz/string_copy_oob_read_fix
Fix out of buffer read when copying from a non-null-terminated string
-rw-r--r-- | core/ustring.cpp | 9 | ||||
-rw-r--r-- | core/ustring.h | 4 |
2 files changed, 5 insertions, 8 deletions
diff --git a/core/ustring.cpp b/core/ustring.cpp index 96d142d85b..8717c14a6b 100644 --- a/core/ustring.cpp +++ b/core/ustring.cpp @@ -148,7 +148,7 @@ void String::copy_from(const char *p_cstr) { } } -void String::copy_from(const CharType *p_cstr, int p_clip_to) { +void String::copy_from(const CharType *p_cstr, const int p_clip_to) { if (!p_cstr) { @@ -158,12 +158,9 @@ void String::copy_from(const CharType *p_cstr, int p_clip_to) { int len = 0; const CharType *ptr = p_cstr; - while (*(ptr++) != 0) + while ((p_clip_to < 0 || len < p_clip_to) && *(ptr++) != 0) len++; - if (p_clip_to >= 0 && len > p_clip_to) - len = p_clip_to; - if (len == 0) { resize(0); @@ -177,7 +174,7 @@ void String::copy_from(const CharType *p_cstr, int p_clip_to) { // p_char != NULL // p_length > 0 // p_length <= p_char strlen -void String::copy_from_unchecked(const CharType *p_char, int p_length) { +void String::copy_from_unchecked(const CharType *p_char, const int p_length) { resize(p_length + 1); set(p_length, 0); diff --git a/core/ustring.h b/core/ustring.h index 3b4405833c..01397f6912 100644 --- a/core/ustring.h +++ b/core/ustring.h @@ -84,9 +84,9 @@ class String { CowData<CharType> _cowdata; void copy_from(const char *p_cstr); - void copy_from(const CharType *p_cstr, int p_clip_to = -1); + void copy_from(const CharType *p_cstr, const int p_clip_to = -1); void copy_from(const CharType &p_char); - void copy_from_unchecked(const CharType *p_char, int p_length); + void copy_from_unchecked(const CharType *p_char, const int p_length); bool _base_is_subsequence_of(const String &p_string, bool case_insensitive) const; public: |