From 0b365bf245fd3b17dfd16d1828fcdbaf0820d947 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sl=C3=A1vek=20Banko?= Date: Tue, 19 Apr 2022 18:54:00 +0200 Subject: TDEMarkdown: Ensure that the loaded file content and generated HTML are terminated by zero terminator to avoid reading overflow. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Slávek Banko --- tdemarkdown/markdown_part.cpp | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/tdemarkdown/markdown_part.cpp b/tdemarkdown/markdown_part.cpp index 604873fc3..7ea3d99b1 100644 --- a/tdemarkdown/markdown_part.cpp +++ b/tdemarkdown/markdown_part.cpp @@ -73,6 +73,11 @@ bool MarkdownPart::openURL(const KURL& u) if(!data.isNull()) { + if (data[data.size()-1] != '\0') + { + data.resize(data.size()+1); + data[data.size()-1] = '\0'; + } begin(u); TQString parsed(parse((MD_CHAR*) data.data())); write(parsed); @@ -109,6 +114,11 @@ TQString& MarkdownPart::parse(MD_CHAR* document) } else { + if (data[data.size()-1] != '\0') + { + data.resize(data.size()+1); + data[data.size()-1] = '\0'; + } m_buffer += TQString::fromLocal8Bit(data); } -- cgit v1.2.3