Open
Description
When parsing lines that contain empty tokens, the parser triggers a stack-buffer-overflow in SettingsParser::parseLine, leading to a program crash. This occurs because an empty token is passed to the char-conversion code, which accesses input[0] without checking for an empty string.
Create a file with the following contents:
```
charsv,,
```
and run the fuzzing tests.
Observed:
Root cause:
The crash was triggered inside SettingsParser::parseLine, which reads line[index] without checking index < line.size().
Fix:
Add explicit boundary checks in all loops in parseLine that access line[index], and protect the substr call:
```cpp
while (index < line.size() && std::isspace(line[index], m_locale)) index++;
...
const std::string value = (index < line.size()) ? line.substr(index) : std::string();
```
Impact:
- Crash for user parsing crafted input.
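The following is an added example, not code from this project: a hypothetical `parseLineSafe` and `toChar` that reproduce the pattern described above (skip whitespace, take the key, split the remainder on commas) with every `line[index]` access and the `substr` call guarded, and with the char conversion rejecting empty tokens instead of reading `input[0]`. The comma-separated token layout is an assumption made for the example.

```cpp
#include <locale>
#include <optional>
#include <string>
#include <vector>

// Hypothetical structure standing in for whatever SettingsParser produces.
struct ParsedLine {
    std::string key;
    std::vector<std::string> tokens;  // empty tokens are preserved, e.g. "charsv,," -> {"", ""}
};

// Hardened parseLine: returns nullopt for a blank line instead of indexing past the end.
std::optional<ParsedLine> parseLineSafe(const std::string& line,
                                        const std::locale& loc = std::locale::classic()) {
    std::size_t index = 0;
    // Unguarded form from the report: while (std::isspace(line[index], loc)) index++;
    while (index < line.size() && std::isspace(line[index], loc)) index++;
    if (index >= line.size()) return std::nullopt;

    const std::size_t comma = line.find(',', index);
    ParsedLine out;
    out.key = line.substr(index, comma == std::string::npos ? std::string::npos : comma - index);
    if (comma == std::string::npos) return out;  // key only, no token list

    index = comma + 1;
    // Guarded substr: index == line.size() when the line ends in ',', so substr would be out of range.
    const std::string rest = (index < line.size()) ? line.substr(index) : std::string();

    // Split on ',' keeping empty tokens so the caller can see and reject them.
    std::size_t start = 0;
    while (true) {
        const std::size_t next = rest.find(',', start);
        out.tokens.push_back(rest.substr(start, next == std::string::npos ? std::string::npos : next - start));
        if (next == std::string::npos) break;
        start = next + 1;
    }
    return out;
}

// Char conversion that refuses an empty token; the crash path in the report is input[0] on "".
std::optional<char> toChar(const std::string& token) {
    if (token.empty()) return std::nullopt;
    return token[0];
}
```

Feeding the report's `charsv,,` line through `parseLineSafe` yields two empty tokens, and `toChar` on each returns an empty optional instead of reading past the buffer.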