diff options
| author | anfedotoff <anfedotoff@yandex-team.com> | 2023-11-30 09:29:43 +0300 |
|---|---|---|
| committer | anfedotoff <anfedotoff@yandex-team.com> | 2023-11-30 10:00:44 +0300 |
| commit | 98ecc8deb38724114150e3758b86eb79dc9f12a9 (patch) | |
| tree | 5ba7714310b2b29b4175c66c055c7815e82936f1 | |
| parent | 4bce8be85ae9a505d60f96e7f432382ced897988 (diff) | |
| download | ydb-98ecc8deb38724114150e3758b86eb79dc9f12a9.tar.gz | |
Fix stack buffer overflow in contrib/libs/poco
| -rw-r--r-- | contrib/libs/poco/Foundation/src/TextIterator.cpp | 18 |
1 files changed, 11 insertions, 7 deletions
diff --git a/contrib/libs/poco/Foundation/src/TextIterator.cpp b/contrib/libs/poco/Foundation/src/TextIterator.cpp index e61bad3731..f82aa7821f 100644 --- a/contrib/libs/poco/Foundation/src/TextIterator.cpp +++ b/contrib/libs/poco/Foundation/src/TextIterator.cpp @@ -108,12 +108,14 @@ int TextIterator::operator * () const int read = 1; int n = _pEncoding->queryConvert(buffer, 1); - while (-1 > n && (_end - it) >= -n - read) + while (-1 > n && (_end - it) >= (-n - read) && + TextEncoding::MAX_SEQUENCE_LENGTH > read) { - while (read < -n && it != _end) - { - *p++ = *it++; - read++; + while (read < -n && it != _end && + read < TextEncoding::MAX_SEQUENCE_LENGTH) + { + *p++ = *it++; + read++; } n = _pEncoding->queryConvert(buffer, read); } @@ -145,9 +147,11 @@ TextIterator& TextIterator::operator ++ () int read = 1; int n = _pEncoding->sequenceLength(buffer, 1); - while (-1 > n && (_end - _it) >= -n - read) + while (-1 > n && (_end - _it) >= (-n - read) && + TextEncoding::MAX_SEQUENCE_LENGTH > read) { - while (read < -n && _it != _end) + while (read < -n && _it != _end && + read < TextEncoding::MAX_SEQUENCE_LENGTH) { *p++ = *_it++; read++; |