TDEMarkdown: Ensure that the loaded file content and generated HTML

are terminated by zero terminator to avoid reading overflow. Signed-off-by: Slávek Banko <slavek.banko@axis.cz>
author: Slávek Banko <slavek.banko@axis.cz> 2022-04-19 18:54:00 +0200
committer: Slávek Banko <slavek.banko@axis.cz> 2022-04-20 12:39:39 +0200
commit: 0b365bf245fd3b17dfd16d1828fcdbaf0820d947 (patch)
tree: 48fcaaa78b20213945fc2df9bed322dad4288054 /tdemarkdown
parent: 75252717c08f18dbaf17d5f315248672a225dc28 (diff)
download: tdelibs-0b365bf245fd3b17dfd16d1828fcdbaf0820d947.tar.gz
tdelibs-0b365bf245fd3b17dfd16d1828fcdbaf0820d947.zip
1 files changed, 10 insertions, 0 deletions
diff --git a/tdemarkdown/markdown_part.cpp b/tdemarkdown/markdown_part.cpp
index 604873fc3..7ea3d99b1 100644
--- a/tdemarkdown/markdown_part.cpp
+++ b/tdemarkdown/markdown_part.cpp
@@ -73,6 +73,11 @@ bool MarkdownPart::openURL(const KURL& u)
 
       if(!data.isNull())
       {
+          if (data[data.size()-1] != '\0')
+          {
+              data.resize(data.size()+1);
+              data[data.size()-1] = '\0';
+          }
           begin(u);
           TQString parsed(parse((MD_CHAR*) data.data()));
           write(parsed);
@@ -109,6 +114,11 @@ TQString& MarkdownPart::parse(MD_CHAR* document)
     }
     else
     {
+        if (data[data.size()-1] != '\0')
+        {
+            data.resize(data.size()+1);
+            data[data.size()-1] = '\0';
+        }
         m_buffer += TQString::fromLocal8Bit(data);
     }
author	Slávek Banko <slavek.banko@axis.cz>	2022-04-19 18:54:00 +0200
committer	Slávek Banko <slavek.banko@axis.cz>	2022-04-20 12:39:39 +0200
commit	0b365bf245fd3b17dfd16d1828fcdbaf0820d947 (patch)
tree	48fcaaa78b20213945fc2df9bed322dad4288054 /tdemarkdown
parent	75252717c08f18dbaf17d5f315248672a225dc28 (diff)
download	tdelibs-0b365bf245fd3b17dfd16d1828fcdbaf0820d947.tar.gz tdelibs-0b365bf245fd3b17dfd16d1828fcdbaf0820d947.zip