From 63f3de1a3c3ebd57dc88d93b7647c16a1e1b3dda Mon Sep 17 00:00:00 2001 From: Dmitry-Me Date: Thu, 21 Aug 2014 12:33:19 +0400 Subject: [PATCH] Make code more defensive * initialize out-parameter for cases the callee fails to * add assert for length being within range * replace post-assert with pre-assert Also replace the loop with an equivalent memcpy() call --- tinyxml2.cpp | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/tinyxml2.cpp b/tinyxml2.cpp index 4efc768..86090d6 100755 --- a/tinyxml2.cpp +++ b/tinyxml2.cpp @@ -216,13 +216,14 @@ const char* StrPair::GetStr() // 中 or 中 if ( *(p+1) == '#' ) { - char buf[10] = { 0 }; - int len; + const int buflen = 10; + char buf[buflen] = { 0 }; + int len = 0; p = const_cast( XMLUtil::GetCharacterRef( p, buf, &len ) ); - for( int i=0; i