StatusLine::parse: handle non-null-terminated buffer with std::atoi()

Signed-off-by: Miklos Vajna <vmiklos@collabora.com> Change-Id: I51033bc4d3f97f5ae93abce1b5f19ef6a8b296d8
author: Miklos Vajna <vmiklos@collabora.com> 2021-04-23 09:58:42 +0200
committer: Miklos Vajna <vmiklos@collabora.com> 2021-04-23 15:32:21 +0200
commit: da11acd8c52950f7ac928f78f6e628078ead358f (patch)
tree: 495e6100629673f224fd65947f3d974bf55eb225 /net/HttpRequest.cpp
parent: StatusLine::parse: only feed integers to std::atoi() (diff)
download: online-da11acd8c52950f7ac928f78f6e628078ead358f.tar.gz
online-da11acd8c52950f7ac928f78f6e628078ead358f.zip
1 files changed, 3 insertions, 1 deletions
diff --git a/net/HttpRequest.cpp b/net/HttpRequest.cpp
index f3c42fcf32..f9c016e0aa 100644
--- a/net/HttpRequest.cpp
+++ b/net/HttpRequest.cpp
@@ -230,7 +230,9 @@ FieldParseState StatusLine::parse(const char* p, int64_t& len)
         LOG_ERR("StatusLine::parse: expected valid integer number");
         return FieldParseState::Invalid;
     }
-    _statusCode = std::atoi(&p[off]);
+    // p may not be null-terminated.
+    std::string token(&p[off], len - off);
+    _statusCode = std::atoi(token.c_str());
     if (_statusCode < MinValidStatusCode || _statusCode > MaxValidStatusCode)
     {
         LOG_ERR("StatusLine::parse: Invalid StatusCode [" << _statusCode << "]");
author	Miklos Vajna <vmiklos@collabora.com>	2021-04-23 09:58:42 +0200
committer	Miklos Vajna <vmiklos@collabora.com>	2021-04-23 15:32:21 +0200
commit	da11acd8c52950f7ac928f78f6e628078ead358f (patch)
tree	495e6100629673f224fd65947f3d974bf55eb225 /net/HttpRequest.cpp
parent	StatusLine::parse: only feed integers to std::atoi() (diff)
download	online-da11acd8c52950f7ac928f78f6e628078ead358f.tar.gz online-da11acd8c52950f7ac928f78f6e628078ead358f.zip