Cleanup and securing XMLElementEncode and DecodeArray

tinyxml2Toolkit.cpp

@@ -118,7 +118,7 @@ void tinyxml2::XMLElementToGLM(XMLElement *elem, glm::mat4 &matrix)
 }
 
 
-XMLElement *tinyxml2::XMLElementEncodeArray(XMLDocument *doc, void *array, unsigned int arraysize)
+XMLElement *tinyxml2::XMLElementEncodeArray(XMLDocument *doc, const void *array, uint arraysize)
 {
     // create <array> node
     XMLElement *newelement = doc->NewElement( "array" );
@@ -157,20 +157,23 @@ XMLElement *tinyxml2::XMLElementEncodeArray(XMLDocument *doc, void *array, unsig
     return newelement;
 }
 
-bool tinyxml2::XMLElementDecodeArray(XMLElement *elem, void *array, unsigned int arraysize)
+bool tinyxml2::XMLElementDecodeArray(XMLElement *elem, void *array, uint arraysize)
 {
     bool ret = false;
 
+    // sanity check
+    if (array==nullptr || arraysize==0)
+        return ret;
+
     // make sure we have the good type of XML node
     if ( !elem || std::string(elem->Name()).compare("array") != 0 )
         return ret;
 
     // make sure the stored array is of the requested array size
-    unsigned int len = 0;
+    uint len = 0;
     elem->QueryUnsignedAttribute("len", &len);
-    if ( arraysize != len )
+    if (len == arraysize)
-        return ret;
+    {
-
         // read and decode the text field in <array>
         gsize   decoded_size = 0;
         guchar *decoded_array = g_base64_decode(elem->GetText(), &decoded_size);
@@ -183,7 +186,7 @@ bool tinyxml2::XMLElementDecodeArray(XMLElement *elem, void *array, unsigned int
             if ( decoded_array && zbytes == (uint) decoded_size ) {
 
                 // allocate a temporary array for decompressing data
-            uLong  uncompressed_size = arraysize;
+                uLong  uncompressed_size = len;
                 gchar *uncompressed_array = g_new(gchar, uncompressed_size);
 
                 // zlib uncompress ((Bytef *dest, uLongf *destLen, const Bytef *source, uLong sourceLen));
@@ -191,10 +194,9 @@ bool tinyxml2::XMLElementDecodeArray(XMLElement *elem, void *array, unsigned int
                            (Bytef *)decoded_array, (uLong) zbytes) ;
 
                 // sanity check 2: decompressed data size must match array size
-            if ( uncompressed_array && arraysize == uncompressed_size ){
+                if ( uncompressed_array && len == uncompressed_size ){
-
                     // copy to target array
-                memcpy(array, uncompressed_array, arraysize);
+                    memcpy(array, uncompressed_array, len);
                     // success
                     ret = true;
                 }
@@ -206,14 +208,17 @@ bool tinyxml2::XMLElementDecodeArray(XMLElement *elem, void *array, unsigned int
         // data is not z-compressed
         else {
             // copy the decoded data
-        if ( decoded_array && arraysize == decoded_size )
+            if ( decoded_array && len == decoded_size ) {
-            memcpy(array, decoded_array, arraysize);
+                // copy to target array
+                memcpy(array, decoded_array, len);
                 // success
                 ret = true;
             }
+        }
 
         // free temporary array
         g_free(decoded_array);
+    }
 
     return ret;
 }

tinyxml2Toolkit.h

@@ -21,8 +21,8 @@ void XMLElementToGLM(XMLElement *elem, glm::vec3 &vector);
 void XMLElementToGLM(XMLElement *elem, glm::vec4 &vector);
 void XMLElementToGLM(XMLElement *elem, glm::mat4 &matrix);
 
-XMLElement *XMLElementEncodeArray(XMLDocument *doc, void *array, unsigned int arraysize);
+XMLElement *XMLElementEncodeArray(XMLDocument *doc, const void *array, uint arraysize);
-bool XMLElementDecodeArray(XMLElement *elem, void *array, unsigned int arraysize);
+bool XMLElementDecodeArray(XMLElement *elem, void *array, uint arraysize);
 
 bool XMLSaveDoc(tinyxml2::XMLDocument * const doc, std::string filename);
 bool XMLResultError(int result);