fix CanonicalizePath going past StringPiece length + test

Author: sgraham

src/util.cc

@@ -129,6 +129,8 @@ bool CanonicalizePath(char* path, size_t* len, unsigned int* slash_bits,
   unsigned int bits = 0;
   int bits_offset = 0;
   for (char* c = path; (c = strpbrk(c, "/\\")) != NULL;) {
+    if (static_cast<size_t>(c - path) >= *len)
+      break;
     bits |= (*c == '\\') << bits_offset;
     *c++ = '/';
     bits_offset++;

src/util_test.cc

@@ -244,6 +244,16 @@ TEST(CanonicalizePath, SlashTracking) {
   EXPECT_EQ(1, slash_bits);
 }
 
+TEST(CanonicalizePath, CanonicalizeNotExceedingLen) {
+  // Make sure searching \/ doesn't go past supplied len.
+  char buf[] = "foo/bar\\baz.h\\";  // Last \ past end.
+  unsigned int slash_bits;
+  string err;
+  size_t size = 13;
+  EXPECT_TRUE(::CanonicalizePath(buf, &size, &slash_bits, &err));
+  EXPECT_EQ(0, strncmp("foo/bar/baz.h", buf, size));
+  EXPECT_EQ(2, slash_bits);  // Not including the trailing one.
+}
 #endif
 
 TEST(CanonicalizePath, EmptyResult) {