From 2c287c6f4634a56f6ae479756e3137cc05d92f54 Mon Sep 17 00:00:00 2001
From: chenkeyu <chenkeyu13@huawei.com>
Date: Sat, 2 Nov 2024 18:40:53 +0800
Subject: [PATCH 1/2] check utf16Len to prevent add overflow

Issue: https://gitee.com/openharmony/commonlibrary_c_utils/issues/IB1MTP?from=project-issue
Signed-off-by: chenkeyu <chenkeyu13@huawei.com>
---
 base/src/unicode_ex.cpp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/base/src/unicode_ex.cpp b/base/src/unicode_ex.cpp
index ff455be..79854cc 100644
--- a/base/src/unicode_ex.cpp
+++ b/base/src/unicode_ex.cpp
@@ -330,7 +330,7 @@ char16_t* Char8ToChar16(const char* str8, size_t str8Len)
 {
     char16_t* str16 = nullptr;
     int utf16Len = Utf8ToUtf16Length(str8, str8Len);
-    if (utf16Len < 0) {
+    if (utf16Len < 0 || utf16Len >= INT_MAX) {
         UTILS_LOGE("Get str16 length failed,length is: %{public}d", utf16Len);
         return nullptr;
     }
-- 
Gitee


From 141a482f33d4509660f19709f46d37fcf90bdf63 Mon Sep 17 00:00:00 2001
From: chenkeyu <chenkeyu13@huawei.com>
Date: Sat, 2 Nov 2024 19:14:21 +0800
Subject: [PATCH 2/2] add ValidateReadData for ReadCString

Issue: https://gitee.com/openharmony/commonlibrary_c_utils/issues/IB1MW6?from=project-issue
Signed-off-by: chenkeyu <chenkeyu13@huawei.com>
---
 base/src/parcel.cpp | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/base/src/parcel.cpp b/base/src/parcel.cpp
index 64fcfc8..04e338d 100644
--- a/base/src/parcel.cpp
+++ b/base/src/parcel.cpp
@@ -1098,6 +1098,9 @@ const char *Parcel::ReadCString()
     const char* eos = reinterpret_cast<const char*>(memchr(cstr, 0, avail));
     if (eos != nullptr) {
         const size_t dataLength = eos - cstr;
+        if (ValidateReadData(dataLength + 1)) {
+            return nullptr;
+        }
         readCursor_ += (dataLength + 1);
         SkipBytes(GetPadSize(dataLength + 1));
         return cstr;
-- 
Gitee