diff options
author | Sybren A. Stüvel <sybren@blender.org> | 2022-02-18 18:32:33 +0300 |
---|---|---|
committer | Sybren A. Stüvel <sybren@blender.org> | 2022-02-18 18:34:00 +0300 |
commit | 1b47d07d7661b26b462f0e6fe87dabeb24d85168 (patch) | |
tree | 317438db693fb0dff14877568d9b439356eea927 /source | |
parent | e4b7d52fe4fe3076f5f68ff575c200f5cf16e416 (diff) |
Fix T95724: boundary error in `BLI_str_unescape_ex`
Fix boundary error in `BLI_str_unescape_ex`. The `dst_maxncpy` parameter
indicates the maximum buffer size, not the maximum number of characters.
As these are strings, the loop has to stop one byte early to allow space
for the trailing zero byte.
Thanks @mano-wii for the patch!
Diffstat (limited to 'source')
-rw-r--r-- | source/blender/blenlib/intern/string.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/source/blender/blenlib/intern/string.c b/source/blender/blenlib/intern/string.c index 2c626773871..2e23bacfb28 100644 --- a/source/blender/blenlib/intern/string.c +++ b/source/blender/blenlib/intern/string.c @@ -323,8 +323,9 @@ size_t BLI_str_unescape_ex(char *__restrict dst, { size_t len = 0; bool is_complete = true; + const size_t max_strlen = dst_maxncpy - 1; /* Account for trailing zero byte. */ for (const char *src_end = src + src_maxncpy; (src < src_end) && *src; src++) { - if (UNLIKELY(len == dst_maxncpy)) { + if (UNLIKELY(len == max_strlen)) { is_complete = false; break; } |