
Possible Bug: Null Pointer Dereference in XMLElement::SetText() with malformed input

Open CRlNKLECORE opened this issue 6 months ago • 0 comments

A null pointer dereference occurs when calling XMLElement::SetText() using fuzzed or malformed input passed through XMLDocument::Parse(). The bug causes a crash due to strlen() being invoked on a nullptr inside the internal StrPair::SetStr() call chain.

Steps to Reproduce:

Compile TinyXML2 with AddressSanitizer (-fsanitize=address) and a fuzzing harness that passes unvalidated input to the following code:

#include <cstddef>
#include <cstdint>
#include <string>
#include "tinyxml2.h"

using namespace tinyxml2;

// libFuzzer entry point: each fuzz input reaches the code below unvalidated.
extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
    std::string xml(reinterpret_cast<const char*>(data), size);
    XMLDocument doc;
    doc.Parse(xml.c_str(), size);

    XMLElement* root = doc.NewElement("root");
    XMLElement* child = doc.NewElement("child");

    child->SetText(xml.c_str());  // <-- crash if xml.c_str() is nullptr/invalid
    root->InsertEndChild(child);
    doc.InsertFirstChild(root);
    doc.Print();
    return 0;
}

Feed an empty or malformed string.

ASan Output (Abbreviated):

==5687==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000
#0 0x7fcd75a3875d in strlen (/lib/x86_64-linux-gnu/libc.so.6)
#1 0x56489a6ced09 in tinyxml2::StrPair::SetStr(char const*, int) tinyxml2.cpp:198
#2 0x56489a6bfe65 in tinyxml2::XMLElement::SetAttribute(char const*, char const*)

Proposed Fix: Add a null check before calling strlen() in StrPair::SetStr() and validate arguments in SetText() or upstream.

CRlNKLECORE · Jun 17 '25 15:06
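The fix the report proposes, shown as an added illustration rather than tinyxml2's own code: a reduced model of a string-owning pair (`ModelStrPair`, a constructed stand-in for `StrPair`) with the unguarded `strlen()` copy beside a form that refuses a null pointer before any libc call touches it, plus the caller-side check suggested for `SetText()`.

```cpp
#include <cstddef>
#include <cstring>
#include <string>

// Simplified model of a StrPair-like owner that copies a C string on SetStr().
// Constructed for this illustration; it is not tinyxml2's StrPair.
struct ModelStrPair {
    std::string owned;    // stands in for the heap buffer the real class manages
    bool valid = false;   // true once a string has been stored

    // Unguarded form: strlen(nullptr) is undefined behaviour and in practice
    // faults on address 0, the SEGV pattern the ASan trace above reports.
    void SetStrUnchecked(const char* str) {
        size_t len = std::strlen(str);
        owned.assign(str, len);
        valid = true;
    }

    // Guarded form: check the pointer before strlen() runs. Returning false
    // lets the caller distinguish "no text" from a legitimately empty string.
    bool SetStrChecked(const char* str) {
        if (str == nullptr) {
            owned.clear();
            valid = false;
            return false;
        }
        owned.assign(str, std::strlen(str));
        valid = true;
        return true;
    }
};

// Caller-side validation of the kind the report suggests for SetText():
// a null pointer is refused up front; an empty string and arbitrary non-null
// bytes are stored unchanged, since only the pointer itself is at issue.
bool set_text_validated(ModelStrPair& pair, const char* text) {
    return pair.SetStrChecked(text);
}
```

Only the checked path is exercised in tests, because the unchecked path with a null argument is undefined behaviour by construction.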