Mirrors/fish-shell
2
0
Fork 0
mirror of https://github.com/fish-shell/fish-shell synced 2024-12-27 05:13:10 +00:00
Code Issues Projects Releases Packages Wiki Activity

Fix for buffer overflows identified by libgmalloc

Browse source
This commit is contained in:
ridiculousfish 2013-10-16 01:02:15 -07:00
parent 4980959fce
commit 3c5d5b344e
2 changed files with 18 additions and 10 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

18
fallback.cpp
View file

@ -1503,14 +1503,20 @@ static int mk_wcwidth(wchar_t ucs)
static int mk_wcswidth(const wchar_t *pwcs, size_t n) static int mk_wcswidth(const wchar_t *pwcs, size_t n)
{ {
int w, width = 0; int width = 0;
for (size_t i=0; i < n; i++)
{
if (pwcs[i] == L'\0')
break;
for (; *pwcs && n-- > 0; pwcs++) int w = mk_wcwidth(pwcs[i]);
if ((w = mk_wcwidth(*pwcs)) < 0) if (w < 0)
return -1; {
else width = -1;
break;
}
width += w; width += w;
}
return width; return width;
} }

6
parse_util.cpp
View file

@ -260,8 +260,7 @@ void parse_util_cmdsubst_extent(const wchar_t *buff, size_t cursor_pos, const wc
/* No subshell found, all done */ /* No subshell found, all done */
break; break;
} }
/* Interpret NULL to mean the end */
/* Intrepret NULL to mean the end */
if (end == NULL) if (end == NULL)
{ {
end = const_cast<wchar_t *>(buff) + bufflen; end = const_cast<wchar_t *>(buff) + bufflen;
@ -273,6 +272,9 @@ void parse_util_cmdsubst_extent(const wchar_t *buff, size_t cursor_pos, const wc
begin++; begin++;
ap = begin; ap = begin;
bp = end; bp = end;
/* pos is where to begin looking for the next one. But if we reached the end there's no next one. */
if (begin >= end)
break;
pos = begin + 1; pos = begin + 1;
} }
else if (begin >= cursor) else if (begin >= cursor)