thisistherk / fast_obj

Fast C OBJ parser
MIT License

Fix buffer overflow in string_equal #8

Closed zeux closed 5 years ago

zeux commented 5 years ago

When string_equal's first argument is a prefix of the second argument but the second argument is longer, the loop goes through all characters of the first string, compares the terminating NUL with a different character in the right-hand side string, discovers that it's different and leaves the loop - with 'a' having already been incremented.

After this the condition proceeds to read from *a which causes a buffer overrun.

Fix this by changing the function to something that's obviously correct, even if somewhat less efficient.
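The over-read described in this pull request, shown as an added example; it is not code from the comment above or from fast_obj. The function names, the `(a, s, e)` range signature, the loop shape and the length-first replacement are assumptions reconstructed from the description, and the input is constructed.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed "before" loop matching the description (assumed shape, not
 * copied from fast_obj). a is NUL-terminated; [s, e) is a non-empty range.
 * *read_off receives the offset in a that the final check reads from. */
int string_equal_before(const char *a, const char *s, const char *e, size_t *read_off)
{
    const char *a0 = a;

    while (*a++ == *s++ && s != e)
        ;                           /* a is incremented even when the compare fails */

    *read_off = (size_t)(a - a0);
    return *a == '\0' && s == e;    /* may read past a's terminator */
}

/* One possible fix (assumed): compare lengths first, never read a beyond its NUL. */
int string_equal_after(const char *a, const char *s, const char *e)
{
    size_t an = strlen(a);
    size_t sn = (size_t)(e - s);

    return an == sn && memcmp(a, s, an) == 0;
}

/* Constructed input: "ab" sits in a padded buffer so the stray read stays
 * inside an object we own; in a 3-byte "ab" it would be out of bounds. */
size_t demo_overread_offset(void)
{
    char a[8] = { 'a', 'b', '\0', 'X', 'X', 'X', 'X', 'X' };
    const char *s = "abc";
    size_t off = 0;

    (void)string_equal_before(a, s, s + 3, &off);
    return off;                     /* 3, one past the terminator at offset 2 */
}

int main(void)
{
    const char *s = "abc";

    printf("before: final read at offset %zu of \"ab\" (strlen 2)\n", demo_overread_offset());
    printf("after:  ab vs abc -> %d, abc vs abc -> %d\n",
           string_equal_after("ab", s, s + 3), string_equal_after("abc", s, s + 3));
    return 0;
}
```

Building the unpadded case with AddressSanitizer (`-fsanitize=address`) is a practical way to catch this class of one-past-the-terminator read in a parser's test suite.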