RGBCube/serenity
1
Fork 0
mirror of https://github.com/RGBCube/serenity synced 2025-07-27 05:17:35 +00:00
Code Issues Activity Actions

AK: Don't compare past '\0' in StringView::operator==(const char*)

Browse source 
We kept scanning the needle string even after hitting a null terminator
and that's clearly not right.

Found by oss-fuzz:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31338
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31351
This commit is contained in:
Andreas Kling 2021-02-24 22:10:32 +01:00
parent 9bc3c3c962
commit 42133a196a
1 changed files with 2 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

2
AK/StringView.h
View file

@ -147,6 +147,8 @@ public:
// NOTE: `m_characters` is not guaranteed to be null-terminated, but `cstring` is.
const char* cp = cstring;
for (size_t i = 0; i < m_length; ++i) {
if (!*cp)
return false;
if (m_characters[i] != *(cp++))
return false;
}