correct #18768, add check for unsafe strcpy() (#18885)

drelaptop · web-flow · commit b26e1bb08648 · 2018-06-08T17:52:50.000+08:00
* add check for unsafe strcpy()

add check for unsafe strcpy()

* complying with required coding style

substitute tab with 4 spaces

* NULL -&gt; nullptr
diff --git a/cocos/scripting/lua-bindings/manual/network/lua_xml_http_request.cpp b/cocos/scripting/lua-bindings/manual/network/lua_xml_http_request.cpp
@@ -266,15 +266,18 @@ void LuaMinXmlHttpRequest::_setHttpRequestHeader()
         const char* second = it->second.c_str();
         size_t len = sizeof(char) * (strlen(first) + 3 + strlen(second));
         char* test = (char*) malloc(len);
-        memset(test, 0,len);
+        if (test != nullptr) //should check failure of malloc or it could be an undefined behaviour
+        {
+            memset(test, 0,len);
         
-        strcpy(test, first);
-        strcpy(test + strlen(first) , ": ");
-        strcpy(test + strlen(first) + 2, second);
+            strcpy(test, first);
+            strcpy(test + strlen(first) , ": ");
+            strcpy(test + strlen(first) + 2, second);
         
-        header.push_back(test);
+            header.push_back(test);
         
-        free(test);
+            free(test);
+        }
         
     }
     
