# HG changeset patch # User Teemu Piippo # Date 1437687796 -10800 # Node ID f9f73eeba3b7b47c76968df73682589994e2f120 # Parent 4f0f0b1b8e0bb1aff4cd0e0607728641027f870d Fixed crashing problems: min and max had their logic inverted and Bytestream::read_string moved the cursor too early diff -r 4f0f0b1b8e0b -r f9f73eeba3b7 sources/basics.h --- a/sources/basics.h Thu Jul 23 18:26:30 2015 +0300 +++ b/sources/basics.h Fri Jul 24 00:43:16 2015 +0300 @@ -73,13 +73,13 @@ template T min (T a, T b) { - return (a < b) ? b : a; + return (a < b) ? a : b; } template T max (T a, T b) { - return (a > b) ? b : a; + return (a > b) ? a : b; } template diff -r 4f0f0b1b8e0b -r f9f73eeba3b7 sources/network/bytestream.cpp --- a/sources/network/bytestream.cpp Thu Jul 23 18:26:30 2015 +0300 +++ b/sources/network/bytestream.cpp Fri Jul 24 00:43:16 2015 +0300 @@ -192,22 +192,18 @@ unsigned char* stringBegin = m_cursor; unsigned char* end = m_data + allocated_size(); - // where's the end of the string? + // Where's the end of the string? for (stringEnd = m_cursor; *stringEnd != '\0'; ++stringEnd) { if (stringEnd == end) - // past the end of the buffer! Argh! - throw IOError ("unterminated string in packet"); + { + // Past the end of the buffer + throw IOError ("unterminated or too long string in packet"); + } } + unsigned int length = stringEnd - m_cursor; m_cursor = stringEnd + 1; - unsigned int length = stringEnd - m_cursor; - - // ensure we won't write past the buffer (note: we still moved - // past the excess bytes in the above statement, those are ignored) - if (length >= MAX_NETWORK_STRING) - length = MAX_NETWORK_STRING - 1; - memcpy (buffer, stringBegin, length); buffer[length] = '\0'; return String (buffer);