From 6560de0705df94a37af20630ebc87b9b0e7bc494 Mon Sep 17 00:00:00 2001
From: duncanspumpkin
Date: Tue, 31 Mar 2020 19:10:52 +0100
Subject: [PATCH 1/2] Potential fix #11174, #11175. Use Strnlen Unsure if this will fix the issue as not reproducable. It is possible that the pointer passed to this function is bad
---
 src/openrct2/localisation/Localisation.cpp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/openrct2/localisation/Localisation.cpp b/src/openrct2/localisation/Localisation.cpp
index ef881fee36..515f79c802 100644
--- a/src/openrct2/localisation/Localisation.cpp
+++ b/src/openrct2/localisation/Localisation.cpp
@@ -370,7 +370,7 @@ static void format_append_string(char** dest, size_t* size, const utf8* string)
 {
 if ((*size) == 0)
 return;
- size_t length = strlen(string);
+ size_t length = strnlen(string, *size);
 if (length < (*size))
 {
 std::memcpy((*dest), string, length);
From 0fd793504ef9001a47c4136ce386f229d9fe953c Mon Sep 17 00:00:00 2001
From: duncanspumpkin
Date: Tue, 31 Mar 2020 19:13:13 +0100
Subject: [PATCH 2/2] Additional validation
---
 src/openrct2/localisation/Localisation.cpp | 2 ++
 1 file changed, 2 insertions(+)
diff --git a/src/openrct2/localisation/Localisation.cpp b/src/openrct2/localisation/Localisation.cpp
index 515f79c802..ccfb3950b5 100644
--- a/src/openrct2/localisation/Localisation.cpp
+++ b/src/openrct2/localisation/Localisation.cpp
@@ -370,6 +370,8 @@ static void format_append_string(char** dest, size_t* size, const utf8* string)
 {
 if ((*size) == 0)
 return;
+ if (string == nullptr)
+ return;
 size_t length = strnlen(string, *size);
 if (length < (*size))
 {
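Review bot: The bound given to `strnlen` in the first patch is `*size`, the space left in the destination, not the extent of the buffer `string` points into, so the call caps the scan but cannot tell a readable source from a dangling one; a bad pointer, which the commit message names as the suspected cause, still faults on the first byte read. A comment on the new line would stop later readers from treating it as source validation, e.g. `// Bounded by remaining dest space only; does not validate that 'string' is readable.` When the source is longer than the remaining space, `length` now equals `*size` instead of the true length, and the branch taken when `length < (*size)` fails lies outside the hunk, so its truncation handling should be checked against that value. `strnlen` is POSIX rather than ISO C++, so it is worth confirming that every supported toolchain declares it.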
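Review bot: The `string == nullptr` guard added in the second patch returns without recording anything, so a caller that passes a null string is tolerated silently and the defect that produced it stays hidden. Because the crash in #11174 and #11175 was not reproduced, a diagnostic or a debug-build assertion ahead of the `return` would help identify the offending caller; at minimum the line deserves a comment such as `// Defensive: callers should never pass nullptr (see #11174, #11175).` As a matter of style the two early exits could be one test, `if ((*size) == 0 || string == nullptr) return;`. The function body continues outside the hunk.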