From: Yves A. <yv...@re...> - 2001-09-19 04:33:14
Consider this on Windows:
UnicodeString ustr(L"Some simple stuff");
const UChar *data = ustr.getUChars();
When the string is constructed, it copies "Some simple stuff" (w/o a
trailing 0) in fArray. Then when getUChars is called, it does:
    if(fCapacity <= fLength || fArray[fLength] != 0) {
        if(((UnicodeString &)*this).cloneArrayIfNeeded(fLength + 1)) {
            fArray[fLength] = 0;
        }
    }
    return fArray;
Now in this case, fCapacity is way bigger than fLength, so the test
fArray[fLength] != 0 is going to read two bytes *after* what was initialized
in the constructor. And memory tool checkers do complain.
I think the simplest fix is to get rid of the tests, and simply have:
    if(((UnicodeString &)*this).cloneArrayIfNeeded(fLength + 1)) {
        fArray[fLength] = 0;
    }
    return fArray;
which makes the call more expensive (a check for bogus again, then a check
for flags and limits) but not touching uninitialized memory.
The alternative is to keep getUChars() as is and make sure everything is
always zero-terminated or in the case where fCapacity <= fLength. How hard
is that to do? Can you do that?
YA
--
My opinions do not necessarily reflect my company's.
The opposite is also true..
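
An added example, not part of the original message and not ICU's own code: a stripped-down stand-in for UnicodeString that reproduces the two getUChars() variants discussed above. Instead of relying on an external memory checker, the buffer keeps a shadow bitmap of which slots have been written, so a read of a never-written slot can be counted the way such a tool would flag it. The class name ShadowString, the 0xCDCD fill pattern for fresh memory, the simplified cloneArrayIfNeeded() and the sample input are all assumptions of this example.

```cpp
// Added example (not ICU code): why `fArray[fLength] != 0` in getUChars()
// reads an uninitialized slot when fCapacity > fLength, and why writing the
// terminator unconditionally avoids it. A shadow bitmap records which slots
// were written; reading an unwritten slot is counted as a checker would.
#include <cstddef>
#include <cstdint>
#include <vector>

typedef uint16_t UChar;  // assumption: plain 16-bit code unit standing in for ICU's UChar

class ShadowString {
public:
    // Copy `len` units with no trailing 0 into a buffer with slack capacity,
    // as the message describes the constructor doing. Fresh memory is filled
    // with 0xCDCD (assumption: mimics a debug-heap fill pattern) so its
    // contents are garbage, not conveniently zero.
    ShadowString(const UChar *src, size_t len, size_t capacity)
        : fArray(capacity, 0xCDCD), fWritten(capacity, false),
          fLength(len), fCapacity(capacity), fUninitReads(0) {
        for (size_t i = 0; i < len; ++i) write(i, src[i]);
    }

    // Original getUChars() logic: probe the slot at fLength before terminating.
    const UChar *getUCharsOriginal() {
        if (fCapacity <= fLength || read(fLength) != 0) {
            if (cloneArrayIfNeeded(fLength + 1)) write(fLength, 0);
        }
        return fArray.data();
    }

    // Proposed fix: drop the probe and always write the terminator.
    const UChar *getUCharsFixed() {
        if (cloneArrayIfNeeded(fLength + 1)) write(fLength, 0);
        return fArray.data();
    }

    size_t uninitializedReads() const { return fUninitReads; }

private:
    std::vector<UChar> fArray;
    std::vector<bool> fWritten;   // shadow: has this slot ever been written?
    size_t fLength, fCapacity;
    size_t fUninitReads;

    // Simplified stand-in for ICU's cloneArrayIfNeeded(): grow to at least
    // `need` units; returns true when the buffer is usable.
    bool cloneArrayIfNeeded(size_t need) {
        if (need > fCapacity) {
            fArray.resize(need, 0xCDCD);
            fWritten.resize(need, false);
            fCapacity = need;
        }
        return true;
    }

    void write(size_t i, UChar c) { fArray[i] = c; fWritten[i] = true; }

    UChar read(size_t i) {
        if (!fWritten[i]) ++fUninitReads;  // this is what the checker complains about
        return fArray[i];
    }
};

// Constructed sample input (not from the original message).
static const UChar kSample[] = { 'S','o','m','e',' ','s','t','u','f','f' };
static const size_t kSampleLen = sizeof(kSample) / sizeof(kSample[0]);

// Uninitialized reads made by the original logic when capacity > length.
size_t uninitReadsOriginalSlack() {
    ShadowString s(kSample, kSampleLen, 32);
    s.getUCharsOriginal();
    return s.uninitializedReads();   // 1: the fArray[fLength] probe
}

// Same probe when the buffer is exactly full: fCapacity <= fLength short-circuits.
size_t uninitReadsOriginalFull() {
    ShadowString s(kSample, kSampleLen, kSampleLen);
    s.getUCharsOriginal();
    return s.uninitializedReads();   // 0
}

// The fixed logic never probes, whatever the capacity.
size_t uninitReadsFixedSlack() {
    ShadowString s(kSample, kSampleLen, 32);
    s.getUCharsFixed();
    return s.uninitializedReads();   // 0
}

// Both variants still hand back a zero-terminated array.
bool bothTerminated() {
    ShadowString a(kSample, kSampleLen, 32);
    ShadowString b(kSample, kSampleLen, 32);
    return a.getUCharsOriginal()[kSampleLen] == 0 &&
           b.getUCharsFixed()[kSampleLen] == 0;
}
```

The full-buffer case is included because it shows the short-circuit in the original test is what keeps `fArray[fLength]` in bounds: the out-of-range read only happens when there is slack, and then only the slot at fLength is touched, which matches the "two bytes after what was initialized" observation in the message.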