Mahtan/wagic
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Added a guard to ensure array access is within bounds of filter.

Browse Source 
For some reason, the VS2008 compiler allows this illegal access and VS2010 does not.  In all actuality it should never be permitted.

Please review the thread posted on the SVN thread for details as to why this needs a fix.
http://code.google.com/p/wagic/issues/detail?id=593&sort=-id


Issue: 593
This commit is contained in:
techdragon.nguyen@gmail.com
2011-02-14 06:07:04 +00:00
parent 072a250dc0
commit ee71b6bf0e
1 changed files with 14 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files
projects/mtg/src/WFilter.cpp
+8 -12
View File
@@ -32,15 +32,15 @@ size_t WCFilterFactory::findNext(string src, size_t start, char open, char close
} }
WCardFilter * WCFilterFactory::Construct(string src) WCardFilter * WCFilterFactory::Construct(string src)
{ {
size_t srcLength = src.size();
size_t x = 0; size_t x = 0;
string whitespaces(" \t\f\v\n\r"); string whitespaces(" \t\f\v\n\r");
x = src.find_first_not_of(whitespaces); x = src.find_first_not_of(whitespaces);
if (x != string::npos) src = src.substr(x); if (x != string::npos) src = src.substr(x);
if (!src.size()) return NEW WCFilterNULL(); //Empty string. if (!srcLength) return NEW WCFilterNULL(); //Empty string.
for (size_t i = 0; i < srcLength; i++)
for (size_t i = 0; i < src.size(); i++)
{ {
unsigned char c = src[i]; unsigned char c = src[i];
if (isspace(c)) continue; if (isspace(c)) continue;
@@ -50,16 +50,14 @@ WCardFilter * WCFilterFactory::Construct(string src)
if (endp != string::npos) if (endp != string::npos)
{ {
WCFilterGROUP * g = NEW WCFilterGROUP(Construct(src.substr(i + 1, endp - 1))); WCFilterGROUP * g = NEW WCFilterGROUP(Construct(src.substr(i + 1, endp - 1)));
if (endp < src.size()) if ( endp < (srcLength - 1) )
{ {
if (src[endp + 1] == '|') if (src[endp + 1] == '|')
return NEW WCFilterOR(g, Construct(src.substr(endp + 2))); return NEW WCFilterOR(g, Construct(src.substr(endp + 2)));
else if (src[endp + 1] == '&') else if (src[endp + 1] == '&')
return NEW WCFilterAND(g, Construct(src.substr(endp + 2))); return NEW WCFilterAND(g, Construct(src.substr(endp + 2)));
else
return g;
} }
SAFE_DELETE( g ); return g;
} }
else else
return NEW WCFilterNULL(); return NEW WCFilterNULL();
@@ -70,16 +68,14 @@ WCardFilter * WCFilterFactory::Construct(string src)
if (endp != string::npos) if (endp != string::npos)
{ {
WCFilterNOT * g = NEW WCFilterNOT(Construct(src.substr(i + 1, endp - 1))); WCFilterNOT * g = NEW WCFilterNOT(Construct(src.substr(i + 1, endp - 1)));
if (endp < src.size()) if (endp < (srcLength - 1) )
{ {
if (src[endp + 1] == '|') if (src[endp + 1] == '|')
return NEW WCFilterOR(g, Construct(src.substr(endp + 2))); return NEW WCFilterOR(g, Construct(src.substr(endp + 2)));
else if (src[endp + 1] == '&') else if (src[endp + 1] == '&')
return NEW WCFilterAND(g, Construct(src.substr(endp + 2))); return NEW WCFilterAND(g, Construct(src.substr(endp + 2)));
else
return g;
} }
SAFE_DELETE( g ); return g;
} }
else else
return NEW WCFilterNULL(); return NEW WCFilterNULL();
@@ -333,7 +329,7 @@ string WCFilterToughness::getCode()
} }
//WCFilterRarity //WCFilterRarity
float WCFilterRarity::filterFee() float WCFilterRarity::filterFee()
{
switch (rarity) switch (rarity)
{ {
case 'M': case 'M':