String16: remove integer overflows
Bug: 73826242 Test: manual Change-Id: I32e13d61b944c1a527cf2d95473552d246e322be
This commit is contained in:
Steven Moreland
parent
cdf0fc6018
commit
0e5fbea01c
1 changed files with 34 additions and 28 deletions
|
|
@ -79,6 +79,23 @@ static char16_t* allocFromUTF8(const char* u8str, size_t u8len)
|
|||
return getEmptyString();
|
||||
}
|
||||
|
||||
static char16_t* allocFromUTF16(const char16_t* u16str, size_t u16len) {
|
||||
if (u16len >= SIZE_MAX / sizeof(char16_t)) {
|
||||
android_errorWriteLog(0x534e4554, "73826242");
|
||||
abort();
|
||||
}
|
||||
|
||||
SharedBuffer* buf = SharedBuffer::alloc((u16len + 1) * sizeof(char16_t));
|
||||
ALOG_ASSERT(buf, "Unable to allocate shared buffer");
|
||||
if (buf) {
|
||||
char16_t* str = (char16_t*)buf->data();
|
||||
memcpy(str, u16str, u16len * sizeof(char16_t));
|
||||
str[u16len] = 0;
|
||||
return str;
|
||||
}
|
||||
return getEmptyString();
|
||||
}
|
||||
|
||||
// ---------------------------------------------------------------------------
|
||||
|
||||
String16::String16()
|
||||
|
|
@ -111,35 +128,9 @@ String16::String16(const String16& o, size_t len, size_t begin)
|
|||
setTo(o, len, begin);
|
||||
}
|
||||
|
||||
String16::String16(const char16_t* o)
|
||||
{
|
||||
size_t len = strlen16(o);
|
||||
SharedBuffer* buf = SharedBuffer::alloc((len+1)*sizeof(char16_t));
|
||||
ALOG_ASSERT(buf, "Unable to allocate shared buffer");
|
||||
if (buf) {
|
||||
char16_t* str = (char16_t*)buf->data();
|
||||
strcpy16(str, o);
|
||||
mString = str;
|
||||
return;
|
||||
}
|
||||
String16::String16(const char16_t* o) : mString(allocFromUTF16(o, strlen16(o))) {}
|
||||
|
||||
mString = getEmptyString();
|
||||
}
|
||||
|
||||
String16::String16(const char16_t* o, size_t len)
|
||||
{
|
||||
SharedBuffer* buf = SharedBuffer::alloc((len+1)*sizeof(char16_t));
|
||||
ALOG_ASSERT(buf, "Unable to allocate shared buffer");
|
||||
if (buf) {
|
||||
char16_t* str = (char16_t*)buf->data();
|
||||
memcpy(str, o, len*sizeof(char16_t));
|
||||
str[len] = 0;
|
||||
mString = str;
|
||||
return;
|
||||
}
|
||||
|
||||
mString = getEmptyString();
|
||||
}
|
||||
String16::String16(const char16_t* o, size_t len) : mString(allocFromUTF16(o, len)) {}
|
||||
|
||||
String16::String16(const String8& o)
|
||||
: mString(allocFromUTF8(o.string(), o.size()))
|
||||
|
|
@ -201,6 +192,11 @@ status_t String16::setTo(const char16_t* other)
|
|||
|
||||
status_t String16::setTo(const char16_t* other, size_t len)
|
||||
{
|
||||
if (len >= SIZE_MAX / sizeof(char16_t)) {
|
||||
android_errorWriteLog(0x534e4554, "73826242");
|
||||
abort();
|
||||
}
|
||||
|
||||
SharedBuffer* buf = SharedBuffer::bufferFromData(mString)
|
||||
->editResize((len+1)*sizeof(char16_t));
|
||||
if (buf) {
|
||||
|
|
@ -224,6 +220,11 @@ status_t String16::append(const String16& other)
|
|||
return NO_ERROR;
|
||||
}
|
||||
|
||||
if (myLen >= SIZE_MAX / sizeof(char16_t) - otherLen) {
|
||||
android_errorWriteLog(0x534e4554, "73826242");
|
||||
abort();
|
||||
}
|
||||
|
||||
SharedBuffer* buf = SharedBuffer::bufferFromData(mString)
|
||||
->editResize((myLen+otherLen+1)*sizeof(char16_t));
|
||||
if (buf) {
|
||||
|
|
@ -245,6 +246,11 @@ status_t String16::append(const char16_t* chrs, size_t otherLen)
|
|||
return NO_ERROR;
|
||||
}
|
||||
|
||||
if (myLen >= SIZE_MAX / sizeof(char16_t) - otherLen) {
|
||||
android_errorWriteLog(0x534e4554, "73826242");
|
||||
abort();
|
||||
}
|
||||
|
||||
SharedBuffer* buf = SharedBuffer::bufferFromData(mString)
|
||||
->editResize((myLen+otherLen+1)*sizeof(char16_t));
|
||||
if (buf) {
|
||||
|
|
|
|||
Loading…
Reference in a new issue