aboutsummaryrefslogtreecommitdiffstatshomepage
path: root/linden/indra/llmessage/lldatapacker.cpp
diff options
context:
space:
mode:
Diffstat (limited to 'linden/indra/llmessage/lldatapacker.cpp')
-rw-r--r--linden/indra/llmessage/lldatapacker.cpp23
1 files changed, 18 insertions, 5 deletions
diff --git a/linden/indra/llmessage/lldatapacker.cpp b/linden/indra/llmessage/lldatapacker.cpp
index 1cdb475..e4243a5 100644
--- a/linden/indra/llmessage/lldatapacker.cpp
+++ b/linden/indra/llmessage/lldatapacker.cpp
@@ -186,18 +186,31 @@ BOOL LLDataPackerBinaryBuffer::packString(const std::string& value, const char *
186 return success; 186 return success;
187} 187}
188 188
189
190BOOL LLDataPackerBinaryBuffer::unpackString(std::string& value, const char *name) 189BOOL LLDataPackerBinaryBuffer::unpackString(std::string& value, const char *name)
191{ 190{
192 BOOL success = TRUE; 191 //Sanitise the string before attemping ANY buffer operations
193 S32 length = (S32)strlen((char *)mCurBufferp) + 1; /*Flawfinder: ignore*/ 192 U8 * pos;
193 S32 length=0;
194 for(pos=mCurBufferp;pos<(mBufferp+mBufferSize);pos++)
195 {
196 length++;
197 if((*pos)==0)
198 break;
199 }
194 200
195 success &= verifyLength(length, name); 201 if(length>=mBufferSize)
202 {
203 llwarns << "Unpack string failed, null termination not found"<<llendl;
204 return false;
205 }
206
207 if(!verifyLength(length, name))
208 return false;
196 209
197 value = std::string((char*)mCurBufferp); // We already assume NULL termination calling strlen() 210 value = std::string((char*)mCurBufferp); // We already assume NULL termination calling strlen()
198 211
199 mCurBufferp += length; 212 mCurBufferp += length;
200 return success; 213 return true;
201} 214}
202 215
203BOOL LLDataPackerBinaryBuffer::packBinaryData(const U8 *value, S32 size, const char *name) 216BOOL LLDataPackerBinaryBuffer::packBinaryData(const U8 *value, S32 size, const char *name)
generated by cgit v1.1 at 2025-02-07 12:36:30 +0000