de/stringbuilder safety (#456)

- Improvement: Safeguard FormatCallstack to not throw exceptions when building the callstack string
- Improvement: Limit thread name length when setting it for debugger use
- Improvemnet: Don't allow assert callbacks to throw exception
- Improvement: When formatting log output for malformed attachments in a package message, allow the string buffer to grow instead of throwing exception

4 files changed, 31 insertions, 15 deletions

diff --git a/src/zencore/callstack.cpp b/src/zencore/callstack.cpp
index 9b06d4575..b22f2ec1f 100644
--- a/src/zencore/callstack.cpp
+++ b/src/zencore/callstack.cpp
@@ -179,19 +179,26 @@ FormatCallstack(const CallstackFrames* Callstack, StringBuilderBase& SB, std::st
 	bool First = true;
 	for (const std::string& Symbol : GetFrameSymbols(Callstack))
 	{
-		if (!First)
+		try
 		{
-			SB.Append("\n");
-		}
-		else
-		{
-			First = false;
+			if (!First)
+			{
+				SB.Append("\n");
+			}
+			else
+			{
+				First = false;
+			}
+			if (!Prefix.empty())
+			{
+				SB.Append(Prefix);
+			}
+			SB.Append(Symbol);
 		}
-		if (!Prefix.empty())
+		catch (const std::exception&)
 		{
-			SB.Append(Prefix);
+			break;
 		}
-		SB.Append(Symbol);
 	}
 }
 
diff --git a/src/zencore/thread.cpp b/src/zencore/thread.cpp
index ab7e6857a..0d5ad6091 100644
--- a/src/zencore/thread.cpp
+++ b/src/zencore/thread.cpp
@@ -80,8 +80,10 @@ SetNameInternal(DWORD thread_id, const char* name)
 void
 SetCurrentThreadName([[maybe_unused]] std::string_view ThreadName)
 {
-	StringBuilder<256> ThreadNameZ;
-	ThreadNameZ << ThreadName;
+	constexpr std::string_view::size_type  MaxThreadNameLength = 255;
+	std::string_view					   LimitedThreadName   = ThreadName.substr(0, MaxThreadNameLength);
+	StringBuilder<MaxThreadNameLength + 1> ThreadNameZ;
+	ThreadNameZ << LimitedThreadName;
 	const int ThreadId = GetCurrentThreadId();
 
 #if ZEN_WITH_TRACE
@@ -95,8 +97,8 @@ SetCurrentThreadName([[maybe_unused]] std::string_view ThreadName)
 
 	if (SetThreadDescriptionFunc)
 	{
-		WideStringBuilder<256> ThreadNameW;
-		Utf8ToWide(ThreadName, ThreadNameW);
+		WideStringBuilder<MaxThreadNameLength + 1> ThreadNameW;
+		Utf8ToWide(LimitedThreadName, ThreadNameW);
 
 		SetThreadDescriptionFunc(::GetCurrentThread(), ThreadNameW.c_str());
 	}
diff --git a/src/zencore/zencore.cpp b/src/zencore/zencore.cpp
index 82d28c0e3..51e06ae14 100644
--- a/src/zencore/zencore.cpp
+++ b/src/zencore/zencore.cpp
@@ -124,7 +124,14 @@ AssertImpl::ExecAssert(const char* Filename, int LineNumber, const char* Functio
 	AssertImpl* AssertImpl = CurrentAssertImpl;
 	while (AssertImpl)
 	{
-		AssertImpl->OnAssert(Filename, LineNumber, FunctionName, Msg, Callstack);
+		try
+		{
+			AssertImpl->OnAssert(Filename, LineNumber, FunctionName, Msg, Callstack);
+		}
+		catch (const std::exception&)
+		{
+			// Just keep exception silent - we don't want exception thrown from assert callbacks
+		}
 		AssertImpl = AssertImpl->NextAssertImpl;
 	}
 	ThrowAssertException(Filename, LineNumber, FunctionName, Msg, Callstack);
diff --git a/src/zenhttp/packageformat.cpp b/src/zenhttp/packageformat.cpp
index 9d423ecbc..0b7848f79 100644
--- a/src/zenhttp/packageformat.cpp
+++ b/src/zenhttp/packageformat.cpp
@@ -576,7 +576,7 @@ ParsePackageMessage(IoBuffer Payload, std::function<IoBuffer(const IoHash&, uint
 
 	if (!MalformedAttachments.empty())
 	{
-		StringBuilder<1024> SB;
+		ExtendableStringBuilder<1024> SB;
 		SB << (uint64_t)MalformedAttachments.size() << " malformed attachments in package message:\n";
 		for (const auto& It : MalformedAttachments)
 		{