Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[PLAT-8434] Fix improper use of TCHAR_TO_UTF8 #157

Merged
merged 2 commits into from
May 6, 2022
Merged

[PLAT-8434] Fix improper use of TCHAR_TO_UTF8 #157

merged 2 commits into from
May 6, 2022

Conversation

nickdowell
Copy link
Contributor

@nickdowell nickdowell commented May 6, 2022
edited
Loading

Goal

Fix a customer-reported use-after-free crash in FAndroidPlatformJNI::ParseFString() when passed a large string, due to improper use of TCHAR_TO_UTF8().

StringConv.h states that results should not be captured in a variable:

/**
 * NOTE: The objects these macros declare have very short lifetimes. They are
 * meant to be used as parameters to functions. You cannot assign a variable
 * to the contents of the converted string as the object will go out of
 * scope and the string released.
 *
 * NOTE: The parameter you pass in MUST be a proper string, as the parameter
 * is typecast to a pointer. If you pass in a char, not char* it will compile
 * and then crash at runtime.
 *
 * Usage:
 *
 *		SomeApi(TCHAR_TO_ANSI(SomeUnicodeString));
 *
 *		const char* SomePointer = TCHAR_TO_ANSI(SomeUnicodeString); <--- Bad!!!
 */

UE's string conversion use different allocation strategies depending on the size of the data, switching at 128 bytes.

Changeset

Uses TCHAR_TO_UTF8() in the recommended way - as a parameter to NewStringUTF()

There is no need for a null check since, given a non-null pointer (which FString::operator*() returns), TCHAR_TO_ANSI() will also return a non-null pointer.

Testing

Was unable to reproduce a crash, even when testing with large strings of over 128 bytes.

@nickdowell nickdowell requested a review from kattrali May 6, 2022 12:01
@nickdowell nickdowell force-pushed the nickdowell/fix-use-after-free branch from d20a69a to 1a19d04 Compare May 6, 2022 12:35
@nickdowell nickdowell merged commit 612063a into next May 6, 2022
@nickdowell nickdowell deleted the nickdowell/fix-use-after-free branch May 6, 2022 13:00
@nickdowell nickdowell changed the title Fix improper use of TCHAR_TO_UTF8 [PLAT-8434] Fix improper use of TCHAR_TO_UTF8 May 6, 2022
@nickdowell nickdowell mentioned this pull request May 11, 2022
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@kattrali kattrali kattrali approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@nickdowell @kattrali