From 683b72c3c1b38b388322da59aaa28d1306014f95 Mon Sep 17 00:00:00 2001 From: abv Date: Mon, 30 Sep 2019 21:37:55 +0300 Subject: [PATCH] 0031010: Foundation Classes - heap-buffer-overflow reported by Clang address sanitizer in OSD_Path::IsUncExtendedPath() Use of memcmp is replaced by strncmp to avoid possible read access out of string buffer size --- src/OSD/OSD_Path.hxx | 24 ++++++++++++++++++------ 1 file changed, 18 insertions(+), 6 deletions(-) diff --git a/src/OSD/OSD_Path.hxx b/src/OSD/OSD_Path.hxx index 163c80487b..397666bd63 100644 --- a/src/OSD/OSD_Path.hxx +++ b/src/OSD/OSD_Path.hxx @@ -228,7 +228,10 @@ public: //! \\?\D:\very long path //! File I/O functions in the Windows API convert "/" to "\" as part of converting the name to an NT-style name, except when using the "\\?\" prefix. //! @return true if extended-length NT path syntax detected. - static Standard_Boolean IsNtExtendedPath (const char* thePath) { return ::memcmp (thePath, "\\\\?\\", 4) == 0; } + static Standard_Boolean IsNtExtendedPath (const char* thePath) + { + return ::strncmp (thePath, "\\\\?\\", 4) == 0; + } //! UNC is a naming convention used primarily to specify and map network drives in Microsoft Windows. //! Sample path: 
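Review bot: The `strncmp` call in IsNtExtendedPath stays in bounds only when thePath is a non-null, NUL-terminated string, and the doc comment does not state that precondition. A caller that passes a pointer into a length-delimited buffer without a terminator can still read past its end, and a null pointer is dereferenced just as it was with `memcmp`. I would put the contract in the comment, e.g. `//! @param thePath NUL-terminated path string, must not be NULL`, and repeat it on IsUncPath, IsUncExtendedPath, IsUnixPath and IsContentProtocolPath in the second hunk. The class body starts and ends outside both hunks, so a class-level note may already cover this.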
@@ -236,31 +239,40 @@ public: //! @return true if UNC path syntax detected. static Standard_Boolean IsUncPath (const char* thePath) { - if (::memcmp (thePath, "\\\\", 2) == 0) + if (::strncmp (thePath, "\\\\", 2) == 0) { return thePath[2] != '?' || IsUncExtendedPath (thePath); } - return ::memcmp (thePath, "//", 2) == 0; + return ::strncmp (thePath, "//", 2) == 0; } //! Detect extended-length UNC path. //! Sample path: //! \\?\UNC\server\share //! @return true if extended-length UNC path syntax detected. - static Standard_Boolean IsUncExtendedPath (const char* thePath) { return ::memcmp (thePath, "\\\\?\\UNC\\", 8) == 0; } + static Standard_Boolean IsUncExtendedPath (const char* thePath) + { + return ::strncmp (thePath, "\\\\?\\UNC\\", 8) == 0; + } //! Detect absolute UNIX-path. //! Sample path: //! /media/cdrom/file //! @return true if UNIX path syntax detected. - static Standard_Boolean IsUnixPath (const char* thePath) { return thePath[0] == '/' && thePath[1] != '/'; } + static Standard_Boolean IsUnixPath (const char* thePath) + { + return thePath[0] == '/' && thePath[1] != '/'; + } //! Detect special URLs on Android platform. //! Sample path: //! content://filename //! @return true if content path syntax detected - static Standard_Boolean IsContentProtocolPath (const char* thePath) { return ::memcmp (thePath, "content://", 10) == 0; } + static Standard_Boolean IsContentProtocolPath (const char* thePath) + { + return ::strncmp (thePath, "content://", 10) == 0; + } //! Detect remote protocol path (http / ftp / ...). //! Actually shouldn't be remote...
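Review bot: The prefix lengths `8` in IsUncExtendedPath and `10` in IsContentProtocolPath are still hand-counted against literals that contain escaped backslashes, so a later edit to either literal can silently compare the wrong number of characters. Deriving the length from the literal avoids that, e.g. `return ::strncmp (thePath, "content://", sizeof("content://") - 1) == 0;`. The same applies to the `4` in IsNtExtendedPath in the first hunk. The remaining indexed reads, `thePath[2]` in IsUncPath and `thePath[1]` in IsUnixPath, are evaluated only after the preceding characters have matched, so on a NUL-terminated string they reach at most the terminator and need no change.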