From 00a87deb5fc33be4512b71725d2593555de79171 Mon Sep 17 00:00:00 2001 From: Courtney Goeltzenleuchter Date: Wed, 21 Dec 2016 16:24:34 -0700 Subject: loader: Fix validation error The string length validation will not detect strings that exceed the max length. For example, when i = max_length-1 and utf8[i] is a valid character (>= 0x20 and < 0x7f) no error is thrown and the next iteration will end the loop. This change extends the loop and the if check to catch this issue. --- layers/vk_layer_utils.cpp | 5 ++++- loader/loader.c | 5 ++++- 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/layers/vk_layer_utils.cpp b/layers/vk_layer_utils.cpp index 4ad1989b..8d912d71 100644 --- a/layers/vk_layer_utils.cpp +++ b/layers/vk_layer_utils.cpp @@ -695,9 +695,12 @@ VK_LAYER_EXPORT VkStringErrorFlags vk_string_validate(const int max_length, cons int num_char_bytes = 0; int i, j; - for (i = 0; i < max_length; i++) { + for (i = 0; i <= max_length; i++) { if (utf8[i] == 0) { break; + } else if (i == max_length) { + result = VK_STRING_ERROR_LENGTH; + break; } else if ((utf8[i] >= 0xa) && (utf8[i] < 0x7f)) { num_char_bytes = 0; } else if ((utf8[i] & UTF8_ONE_BYTE_MASK) == UTF8_ONE_BYTE_CODE) { diff --git a/loader/loader.c b/loader/loader.c index 2ed52c4b..4061cd55 100644 --- a/loader/loader.c +++ b/loader/loader.c @@ -4752,9 +4752,12 @@ VkStringErrorFlags vk_string_validate(const int max_length, const char *utf8) { int num_char_bytes = 0; int i, j; - for (i = 0; i < max_length; i++) { + for (i = 0; i <= max_length; i++) { if (utf8[i] == 0) { break; + } else if (i == max_length) { + result |= VK_STRING_ERROR_LENGTH; + break; } else if ((utf8[i] >= 0x20) && (utf8[i] < 0x7f)) { num_char_bytes = 0; } else if ((utf8[i] & UTF8_ONE_BYTE_MASK) == UTF8_ONE_BYTE_CODE) { -- cgit v1.2.3