From 4708ea3b429ec681f2bfb3c1f01940eea54d1801 Mon Sep 17 00:00:00 2001
From: Stefan Weil <sw@weilnetz.de>
Date: Wed, 31 Aug 2016 14:48:07 +0200
Subject: [PATCH] vs2010: Fix implementation of strcasestr

A haystack which is shorter than the needle resulted in negative value
for length_haystack which was forced to a very large unsigned value.

The resulting buffer overflow while reading the haystack would crash
text2image when it was called with a short font name.

Signed-off-by: Stefan Weil <sw@weilnetz.de>
---
 vs2010/port/strcasestr.cpp | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)

diff --git a/vs2010/port/strcasestr.cpp b/vs2010/port/strcasestr.cpp
index ddaf2addae..c54792c1a6 100644
--- a/vs2010/port/strcasestr.cpp
+++ b/vs2010/port/strcasestr.cpp
@@ -49,9 +49,14 @@ char *strcasestr(const char *haystack, const char *needle) {
      return NULL;
 
    length_needle = strlen(needle);
-   length_haystack = strlen(haystack) - length_needle + 1;
+   length_haystack = strlen(haystack);
 
-   for (i = 0; i < length_haystack; i++)
+   if (length_haystack < length_needle)
+     return NULL;
+
+   length_haystack -= length_needle;
+
+   for (i = 0; i <= length_haystack; i++)
      {
         size_t j;
 
@@ -71,4 +76,4 @@ char *strcasestr(const char *haystack, const char *needle) {
      }
 
    return NULL;
-}
\ No newline at end of file
+}