ICU-22790 Eliminate an out-of-bounds read

Check if an iterator is within bounds before accessing memory. Also, remove a redundant variable to make the while condition more clear. This issue was found [1] by running Konsole on CheriBSD/Morello that was compiled for CheriABI. The out of bounds read triggered a CHERI capability violation. [1] CTSRD-CHERI/cheribsd-ports#160
CTSRD-CHERI · Jun 12, 2024 · ce48832 · ce48832
1 parent 680f521
commit ce48832
Showing 1 changed file with 1 addition and 3 deletions.
diff --git a/icu4c/source/common/ushape.cpp b/icu4c/source/common/ushape.cpp
@@ -461,11 +461,9 @@ getLink(char16_t ch) {
  */
 static void
 countSpaces(char16_t *dest, int32_t size, uint32_t /*options*/, int32_t *spacesCountl, int32_t *spacesCountr) {
-    int32_t i = 0;
     int32_t countl = 0,countr = 0;
-    while((dest[i] == SPACE_CHAR) && (countl < size)) {
+    while(countl < size && dest[countl] == SPACE_CHAR) {
        countl++;
-       i++;
     }
     if (countl < size) {  /* the entire buffer is not all space */
         while(dest[size-1] == SPACE_CHAR) {