Specify string size to prevent heap-buffer-overflow. (#4091)

b/363029201 (cherry picked from commit 00284dd)
youtube · Sep 6, 2024 · 7485329 · 7485329
1 parent 4d181b3
commit 7485329
Showing 1 changed file with 2 additions and 1 deletion.
diff --git a/starboard/loader_app/slot_management.cc b/starboard/loader_app/slot_management.cc
@@ -140,7 +140,8 @@ bool ReadEvergreenVersion(std::vector<char>* manifest_file_path,
 
   Json::Reader reader;
   Json::Value obj;
-  if (!reader.parse(std::string(file_data.data()), obj) || !obj[kVersionKey]) {
+  if (!reader.parse(std::string(file_data.data(), file_size), obj) ||
+      !obj[kVersionKey]) {
     SB_LOG(WARNING) << "Failed to parse version from the manifest file at the "
                        "installation path.";
     return false;