dave/openttd
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix #11644: Off by one error/buffer over-read in StrMakeValid (#11645)

Browse Source 
* Fix #11644: Off by one error in StrMakeValid UTF-8 decode overrun detection

* Fix #11644: Off by one error in StrMakeValid buffer last character

* Fix: Unnecessary string duplication at StrMakeValid call sites
This commit is contained in:
Jonathan G Rennison
2024-01-01 18:26:31 +00:00
committed by GitHub
parent a672813bb0
commit 88324a253e
3 changed files with 6 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
src/string.cpp
View File

@@ -141,7 +141,7 @@ static void StrMakeValid(T &dst, const char *str, const char *last, StringValida
* would also reach the "last" byte of the string and a normal '\0'
* termination will be placed after it.
*/
if (len == 0 || str + len > last || len != Utf8Decode(&c, str)) {
if (len == 0 || str + len > last + 1 || len != Utf8Decode(&c, str)) {
/* Maybe the next byte is still a valid character? */
str++;
continue;
@@ -211,8 +211,10 @@ void StrMakeValidInPlace(char *str, StringValidationSettings settings)
*/
std::string StrMakeValid(std::string_view str, StringValidationSettings settings)
{
if (str.empty()) return {};
auto buf = str.data();
auto last = buf + str.size();
auto last = buf + str.size() - 1;
std::ostringstream dst;
std::ostreambuf_iterator<char> dst_iter(dst);