mirror of
https://github.com/TorqueGameEngines/Torque3D.git
synced 2026-02-13 03:33:48 +00:00
Fix buffer overflows due to incorrect use of sizeof
A snippet of example code:

    UTF16 pszFilter[1024];
    ...
    convertUTF8toUTF16((UTF8 *)mData.mFilters, pszFilter, sizeof(pszFilter));

Since the conversion function is expecting the third parameter to be the length in 16-bit characters, *not* bytes, this results in the function writing outside the bounds of the output array.

To make this less likely to happen in the future (I hope), I've provided a template function that infers the correct size of a static array, so it's no longer necessary to pass the size in most cases. The sized function has been renamed with an "N" suffix to hopefully encourage this use.

This bug was caught due to a warning from MSVC about stack corruption occurring in codeBlock::exec(), after opening a file open dialog twice in succession. After some hunting, I found that this was due to FileDialog::Execute() passing incorrect buffer sizes to the conversion function, which resulted in the function writing a null terminator into some memory that happened to be in the stack frame of codeBlock::exec()!
parent d6beb3594a
commit a88339c219
11 changed files with 55 additions and 49 deletions
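The commit message above describes two things: the mistake of passing `sizeof(array)` (bytes) where the converter expects a count of UTF-16 code units, and the mitigation of a template overload that infers a static array's length so no count is passed at all. The block below is an added example and is not code from this commit or from Torque3D. It uses a hypothetical `convertUTF8toUTF16N` with the parameter convention the message describes (third argument in UTF-16 code units), a template overload that infers `N` from a static array, and `char`/`uint16_t` stand-ins for the `UTF8`/`UTF16` typedefs; the decoder body and the input strings are assumptions constructed for the demonstration. It reproduces the `sizeof()` over-run by counting the writes into an oversized scratch buffer rather than actually corrupting memory, and it goes one step past the commit message by handling the surrogate-pair edge case, where the output count must leave room for both halves plus the terminator.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>

// Stand-ins for Torque's character typedefs (assumption: char and uint16_t).
typedef char UTF8;
typedef uint16_t UTF16;

// Hypothetical sized converter, not Torque's own implementation. `len` is the
// capacity of `out` in UTF-16 code units, NOT bytes. Always NUL-terminates when
// len > 0 and never writes more than `len` units. Returns the units written,
// excluding the terminator. Malformed UTF-8 is replaced with U+FFFD.
size_t convertUTF8toUTF16N(const UTF8 *in, UTF16 *out, size_t len)
{
    if (!in || !out || len == 0) return 0;
    const unsigned char *p = reinterpret_cast<const unsigned char *>(in);
    size_t n = 0;
    while (*p && n + 1 < len) {                 // always leave room for the terminator
        uint32_t cp; size_t extra;
        if (*p < 0x80)                { cp = *p;        extra = 0; }
        else if ((*p & 0xE0) == 0xC0) { cp = *p & 0x1F; extra = 1; }
        else if ((*p & 0xF0) == 0xE0) { cp = *p & 0x0F; extra = 2; }
        else if ((*p & 0xF8) == 0xF0) { cp = *p & 0x07; extra = 3; }
        else                          { cp = 0xFFFD;    extra = 0; }  // bad lead byte
        ++p;
        for (size_t i = 0; i < extra; ++i) {
            if ((*p & 0xC0) != 0x80) { cp = 0xFFFD; break; }  // truncated; also stops at NUL
            cp = (cp << 6) | (*p & 0x3F);
            ++p;
        }
        if (cp >= 0x10000) {                    // needs a surrogate pair
            if (n + 2 >= len) break;            // both halves plus NUL must fit, or emit neither
            cp -= 0x10000;
            out[n++] = static_cast<UTF16>(0xD800 | (cp >> 10));
            out[n++] = static_cast<UTF16>(0xDC00 | (cp & 0x3FF));
        } else {
            out[n++] = static_cast<UTF16>(cp);
        }
    }
    out[n] = 0;
    return n;
}

// Size-inferring overload (the pattern the commit describes): for a static
// array the compiler supplies N, so a caller cannot pass sizeof() bytes by
// mistake. Pointers and heap buffers do not match this signature and must use
// the N variant with an explicit unit count.
template <size_t N>
size_t convertUTF8toUTF16(const UTF8 *in, UTF16 (&out)[N])
{
    return convertUTF8toUTF16N(in, out, N);
}

// --- The bug, reproduced without actually corrupting memory -----------------
struct OverflowReport { size_t capacity; size_t unitsTouched; bool overflows; };

// A buggy caller passes sizeof(buf) (bytes, i.e. 2 * capacity) as the unit
// count. Rather than write past `buf`, run the converter with that wrong
// length into a scratch buffer large enough to absorb it, and count how many
// units the real 8-unit destination would have received.
OverflowReport simulateSizeofBug(const UTF8 *input)
{
    UTF16 buf[8];
    UTF16 scratch[sizeof(buf)];                 // sizeof(buf) == 16 units: safe to fill
    size_t written = convertUTF8toUTF16N(input, scratch, sizeof(buf));  // the mistaken call
    OverflowReport r;
    r.capacity = sizeof(buf) / sizeof(buf[0]);
    r.unitsTouched = written + 1;               // plus the NUL terminator
    r.overflows = r.unitsTouched > r.capacity;
    (void)buf;
    return r;
}

// --- The fix: let the template size the array -------------------------------
size_t safeConvertedUnits(const UTF8 *input)
{
    UTF16 buf[8];
    return convertUTF8toUTF16(input, buf);      // N = 8 inferred; at most 7 units + NUL
}

bool safeConvertTerminated(const UTF8 *input)
{
    UTF16 buf[8];
    size_t n = convertUTF8toUTF16(input, buf);
    return n < 8 && buf[n] == 0;
}

// U+1F600 (4-byte UTF-8, constructed input) becomes the pair D83D DE00.
bool astralBecomesSurrogatePair()
{
    UTF16 out[3];
    size_t n = convertUTF8toUTF16("\xF0\x9F\x98\x80", out);
    return n == 2 && out[0] == 0xD83D && out[1] == 0xDE00 && out[2] == 0;
}

// With only two units of space the pair cannot fit with its NUL, so nothing
// is emitted rather than a lone high surrogate.
bool astralTruncatedCleanly()
{
    UTF16 out[2];
    size_t n = convertUTF8toUTF16("\xF0\x9F\x98\x80", out);
    return n == 0 && out[0] == 0;
}

int main()
{
    const UTF8 *filters = "abcdefghijkl";       // constructed 12-character input
    OverflowReport r = simulateSizeofBug(filters);
    std::printf("sizeof() call: %zu units into a %zu-unit buffer, overflow=%d\n",
                r.unitsTouched, r.capacity, (int)r.overflows);
    std::printf("template call: %zu units written, terminated=%d\n",
                safeConvertedUnits(filters), (int)safeConvertTerminated(filters));
    return 0;
}
```

The template overload only binds to a genuine static array, which is the point: a `FrameTemp<UTF16>` or any pointer-backed buffer does not match `UTF16 (&)[N]` and has to go through the `N` variant with an explicit unit count, exactly as the `StringBuffer::set` hunk below does with its `dStrlen(in)+1` capacity.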
@ -141,7 +141,7 @@ void StringBuffer::set(const UTF8 *in)
incRequestCount8();
// Convert and store. Note that a UTF16 version of the string cannot be longer.
FrameTemp<UTF16> tmpBuff(dStrlen(in)+1);
if(!in || in[0] == 0 || !convertUTF8toUTF16(in, tmpBuff, dStrlen(in)+1))
if(!in || in[0] == 0 || !convertUTF8toUTF16N(in, tmpBuff, dStrlen(in)+1))
{
// Easy out, it's a blank string, or a bad string.
mBuffer.clear();
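Review bot: `dStrlen(in)` is evaluated on the `FrameTemp<UTF16> tmpBuff(dStrlen(in)+1);` line before the `!in` test in the `if` that follows, so a null `in` dereferences null before the guard is ever reached, and the same length is then computed twice more in `dStrlen(in)+1` inside the condition and the `convertUTF8toUTF16N(in, tmpBuff, dStrlen(in)+1)` call. Hoist the null/empty check above the buffer allocation and compute `dStrlen(in)+1` once into a local used for both the `FrameTemp` size and the `N` argument, so the capacity and the count passed to the converter cannot drift apart. Using the `N` variant here is correct since `FrameTemp` is not a static array the size-inferring template could bind to, and a UTF-8 string of `dStrlen(in)` bytes needs at most that many UTF-16 code units plus the terminator, so the capacity is sufficient.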