From 59bc6523b4869e515aefa9118715cd440b163fc4 Mon Sep 17 00:00:00 2001
From: Simon Howard
Date: Sun, 18 Apr 2010 18:48:48 +0000
Subject: Fix unsigned integer overflow with calls to M_StrCaseStr where
 strlen(haystack) < strlen(needle)

Subversion-branch: /branches/raven-branch
Subversion-revision: 1906
---
 src/m_misc.c | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

(limited to 'src')

diff --git a/src/m_misc.c b/src/m_misc.c
index 9d3144b2..ed41b5f1 100644
--- a/src/m_misc.c
+++ b/src/m_misc.c
@@ -263,12 +263,20 @@ void M_ForceUppercase(char *text)
 
 char *M_StrCaseStr(char *haystack, char *needle)
 {
+    unsigned int haystack_len;
     unsigned int needle_len;
     unsigned int len;
     unsigned int i;
 
+    haystack_len = strlen(haystack);
     needle_len = strlen(needle);
-    len = strlen(haystack) - needle_len;
+
+    if (haystack_len < needle_len)
+    {
+        return NULL;
+    }
+
+    len = haystack_len - needle_len;
 
     for (i = 0; i <= len; ++i)
     {
-- 
cgit v1.2.3