From a6843ebb924c551694d4a5eba6057512a3fbe4ea Mon Sep 17 00:00:00 2001 From: Frank Plowman Date: Wed, 18 Dec 2024 12:13:03 +0000 Subject: [PATCH] EnumMapper: Fix out-of-bounds read Defer dereferencing the component iterators (itItem and itName) of EnumMapper::Iterator until EnumMapper::Iterator itself is dereferenced. This prevents an out-of-bounds read when constructing an EnumMapper::Iterator from ::end() iterators. --- YUViewLib/src/common/EnumMapper.h | 14 ++++---------- 1 file changed, 4 insertions(+), 10 deletions(-) diff --git a/YUViewLib/src/common/EnumMapper.h b/YUViewLib/src/common/EnumMapper.h index bad1e4c19..bd7a0cf48 100644 --- a/YUViewLib/src/common/EnumMapper.h +++ b/YUViewLib/src/common/EnumMapper.h @@ -35,6 +35,7 @@ #include #include #include +#include #include #include @@ -59,21 +60,15 @@ template struct EnumMapper using pointer = ValueNamePair *; using reference = ValueNamePair &; - Iterator(const ItemIterator itItem, const NameIterator itName) : itItem(itItem), itName(itName) - { - this->valueNamePair.first = *itItem; - this->valueNamePair.second = *itName; - } + Iterator(const ItemIterator itItem, const NameIterator itName) : itItem(itItem), itName(itName) {} - ValueNamePair const &operator*() const { return this->valueNamePair; } - ValueNamePair const *operator->() const { return &this->valueNamePair; } + ValueNamePair const operator*() const { return ValueNamePair(*this->itItem, *this->itName); } + std::unique_ptr const operator->() const { return std::make_unique(*this->itItem, *this->itName); } Iterator &operator++() { ++this->itItem; ++this->itName; - this->valueNamePair.first = *this->itItem; - this->valueNamePair.second = *this->itName; return *this; } @@ -89,7 +84,6 @@ template struct EnumMapper private: ItemIterator itItem; NameIterator itName; - ValueNamePair valueNamePair{}; }; Iterator begin() const { return Iterator(this->items.begin(), this->names.begin()); }