From 3ffff78a27bb6db97224bbd831b6aafb39fb51bd Mon Sep 17 00:00:00 2001
From: Morph <39850852+Morph1984@users.noreply.github.com>
Date: Wed, 13 Oct 2021 12:49:22 -0400
Subject: [PATCH 1/2] string_util: Prevent out of bounds access in
 u16string_view buffer

---
 src/common/string_util.cpp | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/common/string_util.cpp b/src/common/string_util.cpp
index e6344fd41..9617c3fa3 100644
--- a/src/common/string_util.cpp
+++ b/src/common/string_util.cpp
@@ -191,9 +191,9 @@ std::string StringFromFixedZeroTerminatedBuffer(const char* buffer, std::size_t
 std::u16string UTF16StringFromFixedZeroTerminatedBuffer(std::u16string_view buffer,
                                                         std::size_t max_len) {
     std::size_t len = 0;
-    while (len < max_len && buffer[len] != '\0')
+    while (len < buffer.length() && len < max_len && buffer[len] != '\0') {
         ++len;
-
+    }
     return std::u16string(buffer.begin(), buffer.begin() + len);
 }
 

From 0d6057b2fa98f08a461edaf584e9ac75f7fdecde Mon Sep 17 00:00:00 2001
From: Morph <39850852+Morph1984@users.noreply.github.com>
Date: Thu, 14 Oct 2021 13:11:08 -0400
Subject: [PATCH 2/2] string_util: Make use of std::string_view and add bounds
 checking

Makes use of std::string_view in StringFromFixedZeroTerminatedBuffer and add bounds checking
---
 src/common/string_util.cpp | 8 ++++----
 src/common/string_util.h   | 2 +-
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/src/common/string_util.cpp b/src/common/string_util.cpp
index 9617c3fa3..662171138 100644
--- a/src/common/string_util.cpp
+++ b/src/common/string_util.cpp
@@ -180,12 +180,12 @@ std::wstring UTF8ToUTF16W(const std::string& input) {
 
 #endif
 
-std::string StringFromFixedZeroTerminatedBuffer(const char* buffer, std::size_t max_len) {
+std::string StringFromFixedZeroTerminatedBuffer(std::string_view buffer, std::size_t max_len) {
     std::size_t len = 0;
-    while (len < max_len && buffer[len] != '\0')
+    while (len < buffer.length() && len < max_len && buffer[len] != '\0') {
         ++len;
-
-    return std::string(buffer, len);
+    }
+    return std::string(buffer.begin(), buffer.begin() + len);
 }
 
 std::u16string UTF16StringFromFixedZeroTerminatedBuffer(std::u16string_view buffer,
diff --git a/src/common/string_util.h b/src/common/string_util.h
index 7e90a9ca5..f0dd632ee 100644
--- a/src/common/string_util.h
+++ b/src/common/string_util.h
@@ -63,7 +63,7 @@ template <typename InIt>
  * Creates a std::string from a fixed-size NUL-terminated char buffer. If the buffer isn't
  * NUL-terminated then the string ends at max_len characters.
  */
-[[nodiscard]] std::string StringFromFixedZeroTerminatedBuffer(const char* buffer,
+[[nodiscard]] std::string StringFromFixedZeroTerminatedBuffer(std::string_view buffer,
                                                               std::size_t max_len);
 
 /**