Zxc200611/pocketpy
1
0
Fork 0
mirror of https://github.com/pocketpy/pocketpy synced 2025-11-09 21:20:17 +00:00
Code Issues Packages Projects Releases Wiki Activity

perform boundary check before searching to prevent security vulnerabilities

Browse Source
This commit is contained in:
albertexye 2024-04-01 14:19:01 -04:00
parent cb15db1f0e
commit 4b10090f70
1 changed files with 1 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
src/str.cpp
View File

@ -266,6 +266,7 @@ int utf8len(unsigned char c, bool suppress){
}
int Str::index(const Str& sub, int start) const {
if (start < 0 || start >= this->u8_length()) return -1;
auto p = std::search(data + start, data + size, sub.data, sub.data + sub.size);
if(p == data + size) return -1;
return p - data;