Loading libutils/Unicode.cpp +20 −3 Original line number Original line Diff line number Diff line Loading @@ -180,7 +180,15 @@ ssize_t utf32_to_utf8_length(const char32_t *src, size_t src_len) size_t ret = 0; size_t ret = 0; const char32_t *end = src + src_len; const char32_t *end = src + src_len; while (src < end) { while (src < end) { ret += utf32_codepoint_utf8_length(*src++); size_t char_len = utf32_codepoint_utf8_length(*src++); if (SSIZE_MAX - char_len < ret) { // If this happens, we would overflow the ssize_t type when // returning from this function, so we cannot express how // long this string is in an ssize_t. android_errorWriteLog(0x534e4554, "37723026"); return -1; } ret += char_len; } } return ret; return ret; } } Loading Loading @@ -440,14 +448,23 @@ ssize_t utf16_to_utf8_length(const char16_t *src, size_t src_len) size_t ret = 0; size_t ret = 0; const char16_t* const end = src + src_len; const char16_t* const end = src + src_len; while (src < end) { while (src < end) { size_t char_len; if ((*src & 0xFC00) == 0xD800 && (src + 1) < end if ((*src & 0xFC00) == 0xD800 && (src + 1) < end && (*(src + 1) & 0xFC00) == 0xDC00) { && (*(src + 1) & 0xFC00) == 0xDC00) { // surrogate pairs are always 4 bytes. // surrogate pairs are always 4 bytes. ret += 4; char_len = 4; src += 2; src += 2; } else { } else { ret += utf32_codepoint_utf8_length((char32_t) *src++); char_len = utf32_codepoint_utf8_length((char32_t)*src++); } if (SSIZE_MAX - char_len < ret) { // If this happens, we would overflow the ssize_t type when // returning from this function, so we cannot express how // long this string is in an ssize_t. android_errorWriteLog(0x534e4554, "37723026"); return -1; } } ret += char_len; } } return ret; return ret; } } Loading Loading
libutils/Unicode.cpp +20 −3 Original line number Original line Diff line number Diff line Loading @@ -180,7 +180,15 @@ ssize_t utf32_to_utf8_length(const char32_t *src, size_t src_len) size_t ret = 0; size_t ret = 0; const char32_t *end = src + src_len; const char32_t *end = src + src_len; while (src < end) { while (src < end) { ret += utf32_codepoint_utf8_length(*src++); size_t char_len = utf32_codepoint_utf8_length(*src++); if (SSIZE_MAX - char_len < ret) { // If this happens, we would overflow the ssize_t type when // returning from this function, so we cannot express how // long this string is in an ssize_t. android_errorWriteLog(0x534e4554, "37723026"); return -1; } ret += char_len; } } return ret; return ret; } } Loading Loading @@ -440,14 +448,23 @@ ssize_t utf16_to_utf8_length(const char16_t *src, size_t src_len) size_t ret = 0; size_t ret = 0; const char16_t* const end = src + src_len; const char16_t* const end = src + src_len; while (src < end) { while (src < end) { size_t char_len; if ((*src & 0xFC00) == 0xD800 && (src + 1) < end if ((*src & 0xFC00) == 0xD800 && (src + 1) < end && (*(src + 1) & 0xFC00) == 0xDC00) { && (*(src + 1) & 0xFC00) == 0xDC00) { // surrogate pairs are always 4 bytes. // surrogate pairs are always 4 bytes. ret += 4; char_len = 4; src += 2; src += 2; } else { } else { ret += utf32_codepoint_utf8_length((char32_t) *src++); char_len = utf32_codepoint_utf8_length((char32_t)*src++); } if (SSIZE_MAX - char_len < ret) { // If this happens, we would overflow the ssize_t type when // returning from this function, so we cannot express how // long this string is in an ssize_t. android_errorWriteLog(0x534e4554, "37723026"); return -1; } } ret += char_len; } } return ret; return ret; } } Loading
