diff options
| author | Johannes Schindelin <johannes.schindelin@gmx.de> | 2017-05-04 16:55:34 +0300 |
|---|---|---|
| committer | Junio C Hamano <gitster@pobox.com> | 2017-05-08 06:18:19 +0300 |
| commit | b6b066adf9e1e970a6d8295db630ab1e1f3bc71c (patch) | |
| tree | cb406803715e04953a1745fbb26f8c1f85d672ff /compat | |
| parent | 3057da5ad51b3256a6f6b94d034e6a5571ce5ece (diff) | |
winansi: avoid buffer overrun
When we could not convert the UTF-8 sequence into Unicode for writing to
the Console, we should not try to write an insanely-long sequence of
invalid wide characters (mistaking the negative return value for an
unsigned length).
Reported by Coverity.
Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Diffstat (limited to 'compat')
| -rw-r--r-- | compat/winansi.c | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/compat/winansi.c b/compat/winansi.c index a551de90eb..a11a0f16d2 100644 --- a/compat/winansi.c +++ b/compat/winansi.c @@ -140,6 +140,11 @@ static void write_console(unsigned char *str, size_t len) /* convert utf-8 to utf-16 */ int wlen = xutftowcsn(wbuf, (char*) str, ARRAY_SIZE(wbuf), len); + if (wlen < 0) { + wchar_t *err = L"[invalid]"; + WriteConsoleW(console, err, wcslen(err), &dummy, NULL); + return; + } /* write directly to console */ WriteConsoleW(console, wbuf, wlen, &dummy, NULL); |