From 2eb86d75b86baff7c81b3dcb53de9a6c47dea5f8 Mon Sep 17 00:00:00 2001
From: Kim Kulling <kimkulling@users.noreply.github.com>
Date: Wed, 22 Dec 2021 19:45:19 +0100
Subject: [PATCH] Make sure no overflow can happen

- During UTF32 LE with BOM make sure that the byteswap operation will have enough space when iterating through the text buffer, which shall get encoded.
- closes https://github.com/assimp/assimp/issues/4230
---
 code/Common/BaseImporter.cpp | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/code/Common/BaseImporter.cpp b/code/Common/BaseImporter.cpp
index d7e24afab..c0a87b632 100644
--- a/code/Common/BaseImporter.cpp
+++ b/code/Common/BaseImporter.cpp
@@ -65,6 +65,7 @@ using namespace Assimp;
 // Constructor to be privately used by Importer
 BaseImporter::BaseImporter() AI_NO_EXCEPT
         : m_progress() {
+    // empty
 }
 
 // ------------------------------------------------------------------------------------------------
@@ -371,11 +372,16 @@ void BaseImporter::ConvertToUTF8(std::vector<char> &data) {
     }
 
     // UTF 16 BE with BOM
+    size_t index = 0;
     if (*((uint16_t *)&data.front()) == 0xFFFE) {
-
         // swap the endianness ..
         for (uint16_t *p = (uint16_t *)&data.front(), *end = (uint16_t *)&data.back(); p <= end; ++p) {
-            ByteSwap::Swap2(p);
+            // Check to ensure no overflow can happen
+            if ((index+2) < data.Size()) {
+                // Swap the data
+                ByteSwap::Swap2(p);
+                index += 2;
+            }
         }
     }