Fix off-by-one in String::substring

When checking the `left` argument, it previously allowed having left == len. However, this means the substring starts one past the last character in the string and should return the empty string. In practice, this already worked correctly, because buffer[len] contains the trailing nul, so it would (re)assign the empty string to `out`. However, fixing this check makes it a bit more logical, and prevents a fairly unlikely out-of-buffer write (to address 0x0) when calling substring on an invalidated String: String bar = (char*)NULL; bar.substring(0, 0);
author: Matthijs Kooijman <matthijs@stdin.nl> 2014-04-24 22:57:27 +0200
committer: Matthijs Kooijman <matthijs@stdin.nl> 2014-09-10 13:42:06 +0200
commit: fde95cf5b5ace06f497842f9329d5207c4834898 (patch)
tree: b70c5cca781391152bc24796e866e215588bf8c1
parent: 35a84769d4dbc0670550ea2abde83bd33dc28729 (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/cores/arduino/WString.cpp b/cores/arduino/WString.cpp
index f494094..dcd469d 100644
--- a/cores/arduino/WString.cpp
+++ b/cores/arduino/WString.cpp
@@ -619,7 +619,7 @@ String String::substring(unsigned int left, unsigned int right) const
 		left = temp;
 	}
 	String out;
-	if (left > len) return out;
+	if (left >= len) return out;
 	if (right > len) right = len;
 	char temp = buffer[right];  // save the replaced character
 	buffer[right] = '\0';
author	Matthijs Kooijman <matthijs@stdin.nl>	2014-04-24 22:57:27 +0200
committer	Matthijs Kooijman <matthijs@stdin.nl>	2014-09-10 13:42:06 +0200
commit	fde95cf5b5ace06f497842f9329d5207c4834898 (patch)
tree	b70c5cca781391152bc24796e866e215588bf8c1
parent	35a84769d4dbc0670550ea2abde83bd33dc28729 (diff)