AK: Don't compare past '\0' in StringView::operator==(const char*)

We kept scanning the needle string even after hitting a null terminator and that's clearly not right. Found by oss-fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31338 https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31351
luteresa · Feb 24, 2021 · 42133a1 · 42133a1
1 parent 9bc3c3c
commit 42133a1
Showing 1 changed file with 2 additions and 0 deletions.
diff --git a/AK/StringView.h b/AK/StringView.h
@@ -147,6 +147,8 @@ class StringView {
  // NOTE: `m_characters` is not guaranteed to be null-terminated, but `cstring` is.
  const char* cp = cstring;
  for (size_t i = 0; i < m_length; ++i) {
+ if (!*cp)
+ return false;
  if (m_characters[i] != *(cp++))
  return false;
  }