首页 发现 帮助
登录
software
/
assimp.assimp
镜像自地址 https://github.com/assimp/assimp.git
2
0
派生 0
文件 工单管理 0 Wiki
浏览代码

Fix read past end of buffer after call to TokenMatch

IsSpaceOrNewLine returns true on end of input (NUL character). But if
TokenMatch considers a token at end of input to match it sets "in" to
one past end of buffer. This will lead to reading past the end of
buffer on any subsequent operation.
Turo Lamminen 10 年之前
父节点
7d3d66936b
当前提交
c342778f42
共有 1 个文件被更改,包括 5 次插入0 次删除
分列视图 显示文件统计
  1. 5 0
      code/ParsingUtils.h

+ 5 - 0
code/ParsingUtils.h
查看文件 

@@ -201,7 +201,12 @@ template <class char_t>
 
 AI_FORCE_INLINE bool TokenMatch(char_t*& in, const char* token, unsigned int len)

 {

 	if (!::strncmp(token,in,len) && IsSpaceOrNewLine(in[len])) {

+		if (in[len] != '\0') {

 		in += len+1;

+		} else {

+			// If EOF after the token make sure we don't go past end of buffer

+			in += len;

+		}

 		return true;

 	}