fang139842/azerothcore-wotlk2
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

fix(Core/SQLField): Fix heap-buffer-overflow issue when interacting with mysql field value. (#21393)

Browse Source
This commit is contained in:
Anton Popovichenko 2025-02-11 17:24:56 +01:00 committed by GitHub
parent c2986977d9
commit 07cb5c880c
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
src/server/database/Database/Field.cpp
View File

@ -212,7 +212,7 @@ T Field::GetData() const
if (data.raw)
result = *reinterpret_cast<T const*>(data.value);
else
result = Acore::StringTo<T>(data.value);
result = Acore::StringTo<T>(std::string_view(data.value, data.length));
// Correct double fields... this undefined behavior :/
if constexpr (std::is_same_v<T, double>)
@ -220,7 +220,7 @@ T Field::GetData() const
if (data.raw && !IsType(DatabaseFieldTypes::Decimal))
result = *reinterpret_cast<double const*>(data.value);
else
result = Acore::StringTo<float>(data.value);
result = Acore::StringTo<float>(std::string_view(data.value, data.length));
}
// Check -1 for *_dbc db tables
@ -230,7 +230,7 @@ T Field::GetData() const
if (!tableName.empty() && tableName.size() > 4)
{
auto signedResult = Acore::StringTo<int32>(data.value);
auto signedResult = Acore::StringTo<int32>(std::string_view(data.value, data.length));
if (signedResult && !result && tableName.substr(tableName.length() - 4) == "_dbc")
{