Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

Merge pull request #11 from dapatil/master

Fixed a buffer overflow in stringByRegex
  • Loading branch information...
commit ca5ca130dbb097100b9501cad59d877c9806c67d 2 parents ec57069 + 7a69743
@artifacts authored
Showing with 11 additions and 2 deletions.
  1. +11 −2 src/3rdparty/AFRegexString/AFRegexString.m
View
13 src/3rdparty/AFRegexString/AFRegexString.m
@@ -84,8 +84,14 @@ - (NSString *)stringByRegex:(NSString*)pattern substitution:(NSString*)substitut
}
else
{
- char buf[4096];
- strcpy(buf, [self UTF8String]);
+ char buffer[4096];
+ char *buf = buffer;
+ const char *utf8String = [self UTF8String];
+
+ if(strlen(utf8String) >= sizeof(buffer))
+ buf = malloc(strlen(utf8String) + 1);
+
+ strcpy(buf, utf8String);
char *replaceStr = (char*)[substitute UTF8String];
if (rreplace (buf, 4096, &preg, replaceStr))
@@ -98,6 +104,9 @@ - (NSString *)stringByRegex:(NSString*)pattern substitution:(NSString*)substitut
{
result = [NSString stringWithUTF8String:buf];
}
+
+ if(buf != buffer)
+ free(buf);
}
Please sign in to comment.
Something went wrong with that request. Please try again.