emo/procps
1
0
Fork 0
Code Issues Pull Requests Packages Releases Activity

proc/escape.c: Prevent integer overflows in escape_str_utf8().

Browse Source 
Simply rearrange the old comparisons. The new comparisons are safe,
because we know from previous checks that:

1/ wlen > 0

2/ my_cells < *maxcells (also: my_cells >= 0 and *maxcells > 0)

3/ len > 1

4/ my_bytes+1 < bufsize (also: my_bytes >= 0 and bufsize > 0)
This commit is contained in:
Qualys Security Advisory 1970-01-01 00:00:00 +00:00 committed by Craig Small
parent 8d359b04ab
commit 37ce162604
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
proc/escape.c
View File

@ -98,7 +98,7 @@ static int escape_str_utf8(char *restrict dst, const char *restrict src, int buf
} else {
// multibyte - printable
// Got space?
if (my_cells+wlen > *maxcells || my_bytes+1+len >= bufsize) break;
if (wlen > *maxcells-my_cells || len >= bufsize-(my_bytes+1)) break;
// 0x9b is control byte for some terminals
if (memchr(src, 0x9B, len)) {
// unsafe multibyte