From d3f2a4ba93a430d7900f8b0e02d9717bf72e7ea1 Mon Sep 17 00:00:00 2001 From: Andy Heninger Date: Fri, 9 May 2014 17:54:54 +0000 Subject: [PATCH] ICU-10891 Fix buffer overflow problem in uresbund.cpp X-SVN-Rev: 35699 --- icu4c/source/common/uresbund.cpp | 18 ++++++++++++------ 1 file changed, 12 insertions(+), 6 deletions(-) diff --git a/icu4c/source/common/uresbund.cpp b/icu4c/source/common/uresbund.cpp index c212f15e088..afe708e8d60 100644 --- a/icu4c/source/common/uresbund.cpp +++ b/icu4c/source/common/uresbund.cpp @@ -1,6 +1,6 @@ /* ****************************************************************************** -* Copyright (C) 1997-2013, International Business Machines Corporation and +* Copyright (C) 1997-2014, International Business Machines Corporation and * others. All Rights Reserved. ****************************************************************************** * @@ -36,6 +36,7 @@ #include "putilimp.h" #include "uassert.h" +using namespace icu; /* Static cache for already opened resource bundles - mostly for keeping fallback info @@ -1732,8 +1733,8 @@ ures_getByKeyWithFallback(const UResourceBundle *resB, const char* key = inKey; if(res == RES_BOGUS) { UResourceDataEntry *dataEntry = resB->fData; - char path[256]; - char* myPath = path; + CharString path; + char *myPath = NULL; const char* resPath = resB->fResPath; int32_t len = resB->fResPathLen; while(res == RES_BOGUS && dataEntry->fParent != NULL) { /* Otherwise, we'll look in parents */ @@ -1741,11 +1742,16 @@ ures_getByKeyWithFallback(const UResourceBundle *resB, rootRes = dataEntry->fData.rootRes; if(dataEntry->fBogus == U_ZERO_ERROR) { + path.clear(); if (len > 0) { - uprv_memcpy(path, resPath, len); + path.append(resPath, len, *status); } - uprv_strcpy(path+len, inKey); - myPath = path; + path.append(inKey, *status); + if (U_FAILURE(*status)) { + ures_close(helper); + return fillIn; + } + myPath = path.data(); key = inKey; do { res = res_findResource(&(dataEntry->fData), rootRes, &myPath, &key); -- 2.40.0