From c0a5ed81f46a857c655069c24b0a7dcbbf72b3f9 Mon Sep 17 00:00:00 2001
From: Gunnar Beutner <gunnar@beutner.name>
Date: Wed, 14 Jan 2015 17:02:10 +0100
Subject: [PATCH] Improve argument validation for the String#substr and
 String#find methods

refs #8169
---
 lib/base/string-script.cpp | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/lib/base/string-script.cpp b/lib/base/string-script.cpp
index 321994300..725270d9a 100644
--- a/lib/base/string-script.cpp
+++ b/lib/base/string-script.cpp
@@ -49,7 +49,7 @@ static String StringSubstr(const std::vector<Value>& args)
 	if (args.empty())
 		BOOST_THROW_EXCEPTION(std::invalid_argument("Too few arguments"));
 
-	if (static_cast<double>(args[0]) >= self.GetLength())
+	if (static_cast<double>(args[0]) < 0 || static_cast<double>(args[0]) >= self.GetLength())
 		BOOST_THROW_EXCEPTION(std::invalid_argument("String index is out of range"));
 
 	if (args.size() > 1)
@@ -96,9 +96,12 @@ static Value StringFind(const std::vector<Value>& args)
 
 	String::SizeType result;
 
-	if (args.size() > 1)
+	if (args.size() > 1) {
+		if (static_cast<double>(args[1]) < 0)
+			BOOST_THROW_EXCEPTION(std::invalid_argument("String index is out of range"));
+
 		result = self.Find(args[0], args[1]);
-	else
+	} else
 		result = self.Find(args[0]);
 
 	if (result == String::NPos)
-- 
2.40.0