From 87441dd0a15c5d972e3e8fc485e6e806921cfda8 Mon Sep 17 00:00:00 2001
From: "alexey.lysiuk"
Date: Tue, 5 Mar 2019 13:06:39 +0200
Subject: [PATCH] - fixed infinite loop and out-of-bound read in shader patcher
---
 src/rendering/hwrenderer/utility/hw_shaderpatcher.cpp | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)
diff --git a/src/rendering/hwrenderer/utility/hw_shaderpatcher.cpp b/src/rendering/hwrenderer/utility/hw_shaderpatcher.cpp
index 923e9da30..50c07f59d 100644
--- a/src/rendering/hwrenderer/utility/hw_shaderpatcher.cpp
+++ b/src/rendering/hwrenderer/utility/hw_shaderpatcher.cpp
@@ -197,12 +197,17 @@ FString RemoveLayoutLocationDecl(FString code, const char *inoutkeyword)
 if (matchIndex == -1)
 break;
- long endIndex = startIndex;
+ long endIndex = matchIndex;
 // Find end of layout declaration
 while (chars[endIndex] != ')' && chars[endIndex] != 0)
 endIndex++;
+ if (chars[endIndex] == ')')
+ endIndex++;
+ else if (chars[endIndex] == 0)
+ break;
+
 // Skip whitespace
 while (IsGlslWhitespace(chars[endIndex]))
 endIndex++;
@@ -221,7 +226,7 @@ FString RemoveLayoutLocationDecl(FString code, const char *inoutkeyword)
 if (keywordFound && IsGlslWhitespace(chars[endIndex + i]))
 {
 // yes - replace declaration with spaces
- for (long i = startIndex; i < endIndex; i++)
+ for (long i = matchIndex; i < endIndex; i++)
 chars[i] = ' ';
 }
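Review bot: In the first hunk (`@@ -197,12 +197,17 @@`), the added `else if (chars[endIndex] == 0)` test is always true when reached, because the scan loop above it exits only on `)` or on the terminator. A plain `else break;` with a comment such as `// unterminated layout(...): stop here, never index past the terminator` states the invariant directly and documents why the early exit exists. That `break` also abandons patching of the remaining text without any diagnostic, so a malformed shader source presumably reaches the compiler partly patched; a short comment or log line would make this visible. The enclosing loop and the rest of RemoveLayoutLocationDecl are outside the hunk.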
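Review bot: In the second hunk (`@@ -221,7 +226,7 @@`), the rewritten fill loop declares `long i` while the `if` condition two lines above still reads an outer `i` (`chars[endIndex + i]`), so the new index shadows it. Renaming it, e.g. `for (long pos = matchIndex; pos < endIndex; pos++)` with `chars[pos] = ' ';`, keeps the keyword offset and the blanking position apart and avoids a `-Wshadow` warning. The declaration of the outer `i` and the code that advances `startIndex` after this block are outside the hunk, so whether the next search resumes at or past `endIndex` could not be checked from here.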