fix: improve string copy safety

CMakeLists.txt

@@ -56,9 +56,10 @@ target_sources(${PROJECT_NAME} PRIVATE
     "src/app.cpp"
     "src/desktop.cpp"
 
-    "src/icon.cpp"
+    "src/string.cpp"
     "src/memory.cpp"
-
+
+    "src/icon.cpp"
     "src/stash.cpp"
     "src/script.cpp"
     "src/scheme.cpp"

private/utils/string.hpp

@@ -0,0 +1,8 @@
+#pragma once
+
+#include <string>
+
+namespace bindings
+{
+    char *alloc(const std::string &);
+} // namespace bindings

private/utils/wrap.hpp

@@ -12,7 +12,7 @@ namespace bindings
         using type = T;
 
         template <typename U>
-        static auto convert(U &&data)
+        static auto convert(U &data)
         {
             return data;
         };
@@ -24,7 +24,7 @@ namespace bindings
         using type = const char *;
 
         template <typename U>
-        static auto convert(U &&data)
+        static auto convert(U &data)
         {
             return data.c_str();
         };
@@ -36,10 +36,10 @@ namespace bindings
         using type = saucer_icon *;
 
         template <typename U>
-        static auto convert(U &&data)
+        static auto convert(U &data)
         {
             // ! User is responsible for freeing this!
-            return saucer_icon::make(std::forward<U>(data));
+            return saucer_icon::make(std::move(data));
         };
     };
 
@@ -49,10 +49,10 @@ namespace bindings
         using type = saucer_navigation *;
 
         template <typename U>
-        static auto convert(U &&data)
+        static auto convert(U &data)
         {
             // ! User is responsible for freeing this!
-            return saucer_navigation::make(std::forward<U>(data));
+            return saucer_navigation::make(std::move(data));
         };
     };
 
@@ -73,7 +73,7 @@ namespace bindings
         return [handle, callback]<typename... Ts>(Ts &&...args)
         {
             auto *converted = wrap<T>::convert(callback);
-            return std::invoke(converted, handle, wrap<Ts>::convert(std::forward<Ts>(args))...);
+            return std::invoke(converted, handle, wrap<Ts>::convert(args)...);
         };
     };
 } // namespace bindings

src/navigation.cpp

@@ -1,9 +1,7 @@
 #include "navigation.h"
 #include "navigation.hpp"
 
-#include "memory.h"
-
-#include <cstring>
+#include "utils/string.hpp"
 
 extern "C"
 {
@@ -14,12 +12,7 @@ extern "C"
 
     char *saucer_navigation_url(saucer_navigation *handle)
     {
-        auto url = handle->value().url();
-
-        auto *rtn = static_cast<char *>(saucer_memory_alloc(url.capacity()));
-        strncpy(rtn, url.data(), url.capacity());
-
-        return rtn;
+        return bindings::alloc(handle->value().url());
     }
 
     bool saucer_navigation_new_window(saucer_navigation *handle)

src/scheme.cpp

@@ -1,11 +1,10 @@
 #include "scheme.h"
 #include "scheme.hpp"
 
-#include "memory.h"
 #include "stash.hpp"
 
-#include <ranges>
-#include <cstring>
+#include "memory.h"
+#include "utils/string.hpp"
 
 extern "C"
 {
@@ -37,22 +36,12 @@ extern "C"
 
     char *saucer_scheme_request_url(saucer_scheme_request *handle)
     {
-        auto url = handle->value()->url();
-
-        auto *rtn = static_cast<char *>(saucer_memory_alloc(url.capacity()));
-        strncpy(rtn, url.data(), url.capacity());
-
-        return rtn;
+        return bindings::alloc(handle->value()->url());
     }
 
     char *saucer_scheme_request_method(saucer_scheme_request *handle)
     {
-        auto method = handle->value()->method();
-
-        auto *rtn = static_cast<char *>(saucer_memory_alloc(method.capacity()));
-        strncpy(rtn, method.data(), method.capacity());
-
-        return rtn;
+        return bindings::alloc(handle->value()->method());
     }
 
     saucer_stash *saucer_scheme_request_content(saucer_scheme_request *handle)
@@ -73,11 +62,8 @@ extern "C"
             const auto &[header, value] = *it;
             const auto index            = std::distance(data.begin(), it);
 
-            (*headers)[index] = static_cast<char *>(saucer_memory_alloc(header.capacity()));
-            (*values)[index]  = static_cast<char *>(saucer_memory_alloc(value.capacity()));
-
-            strncpy((*headers)[index], header.data(), header.capacity());
-            strncpy((*values)[index], value.data(), value.capacity());
+            (*headers)[index] = bindings::alloc(header);
+            (*values)[index]  = bindings::alloc(value);
         }
     }
 }

src/string.cpp

@@ -0,0 +1,14 @@
+#include "utils/string.hpp"
+
+#include "memory.h"
+
+char *bindings::alloc(const std::string &value)
+{
+    const auto size = value.size();
+    char *const rtn = static_cast<char *>(saucer_memory_alloc(size + 1));
+
+    value.copy(rtn, size);
+    rtn[size + 1] = '\0';
+
+    return rtn;
+}

src/webview.cpp

@@ -6,13 +6,11 @@
 #include "scheme.hpp"
 #include "preferences.hpp"
 
-#include "memory.h"
-
 #include "utils/wrap.hpp"
+#include "utils/string.hpp"
 #include "utils/handle.hpp"
 
 #include <utility>
-#include <cstring>
 
 struct saucer_embedded_file : bindings::handle<saucer_embedded_file, saucer::embedded_file>
 {
@@ -52,12 +50,7 @@ extern "C"
 
     char *saucer_webview_page_title(saucer_handle *handle)
     {
-        auto title = handle->page_title();
-
-        auto *rtn = static_cast<char *>(saucer_memory_alloc(title.capacity()));
-        strncpy(rtn, title.data(), title.capacity());
-
-        return rtn;
+        return bindings::alloc(handle->page_title());
     }
 
     bool saucer_webview_dev_tools(saucer_handle *handle)
@@ -67,12 +60,7 @@ extern "C"
 
     char *saucer_webview_url(saucer_handle *handle)
     {
-        auto url = handle->url();
-
-        auto *rtn = static_cast<char *>(saucer_memory_alloc(url.capacity()));
-        strncpy(rtn, url.data(), url.capacity());
-
-        return rtn;
+        return bindings::alloc(handle->url());
     }
 
     bool saucer_webview_context_menu(saucer_handle *handle)

src/window.cpp

@@ -3,11 +3,10 @@
 #include "icon.hpp"
 #include "webview.hpp"
 
-#include "memory.h"
 #include "utils/wrap.hpp"
+#include "utils/string.hpp"
 
 #include <utility>
-#include <cstring>
 
 #include <saucer/window.hpp>
 
@@ -50,12 +49,7 @@ extern "C"
 
     char *saucer_window_title(saucer_handle *handle)
     {
-        auto title = handle->title();
-
-        auto *rtn = static_cast<char *>(saucer_memory_alloc(title.capacity()));
-        strncpy(rtn, title.data(), title.capacity());
-
-        return rtn;
+        return bindings::alloc(handle->title());
     }
 
     void saucer_window_size(saucer_handle *handle, int *width, int *height)