From: Johannes Schindelin <johannes.schindelin@gmx.de>
To: git@vger.kernel.org
Cc: Junio C Hamano <gitster@pobox.com>
Subject: [PATCH 03/26] winansi: avoid buffer overrun
Date: Wed, 26 Apr 2017 22:19:26 +0200 (CEST) [thread overview]
Message-ID: <2299a84fff0232d90bdd4802bc7be15ff510a168.1493237937.git.johannes.schindelin@gmx.de> (raw)
In-Reply-To: <cover.1493237937.git.johannes.schindelin@gmx.de>
When we could not convert the UTF-8 sequence into Unicode for writing to
the Console, we should not try to write an insanely-long sequence of
invalid wide characters (mistaking the negative return value for an
unsigned length).
Reported by Coverity.
Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
---
compat/winansi.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/compat/winansi.c b/compat/winansi.c
index fd6910746c8..861b79d8c31 100644
--- a/compat/winansi.c
+++ b/compat/winansi.c
@@ -135,6 +135,11 @@ static void write_console(unsigned char *str, size_t len)
/* convert utf-8 to utf-16 */
int wlen = xutftowcsn(wbuf, (char*) str, ARRAY_SIZE(wbuf), len);
+ if (wlen < 0) {
+ wchar_t *err = L"[invalid]";
+ WriteConsoleW(console, err, wcslen(err), &dummy, NULL);
+ return;
+ }
/* write directly to console */
WriteConsoleW(console, wbuf, wlen, &dummy, NULL);
--
2.12.2.windows.2.800.gede8f145e06
next prev parent reply other threads:[~2017-04-26 20:19 UTC|newest]
Thread overview: 178+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-04-26 20:19 [PATCH 00/26] Address a couple of issues identified by Coverity Johannes Schindelin
2017-04-26 20:19 ` [PATCH 01/26] mingw: avoid memory leak when splitting PATH Johannes Schindelin
2017-04-26 20:19 ` [PATCH 02/26] winansi: avoid use of uninitialized value Johannes Schindelin
2017-04-26 20:19 ` Johannes Schindelin [this message]
2017-04-26 20:19 ` [PATCH 04/26] add_commit_patch_id(): avoid allocating memory unnecessarily Johannes Schindelin
2017-04-26 20:19 ` [PATCH 05/26] git_config_rename_section_in_file(): avoid resource leak Johannes Schindelin
2017-04-26 20:19 ` [PATCH 06/26] get_mail_commit_oid(): " Johannes Schindelin
2017-04-26 21:06 ` Stefan Beller
2017-04-27 5:53 ` Junio C Hamano
2017-04-28 13:39 ` Johannes Schindelin
2017-04-27 6:14 ` Johannes Sixt
2017-04-28 10:02 ` Johannes Schindelin
2017-04-26 20:19 ` [PATCH 07/26] http-backend: avoid memory leaks Johannes Schindelin
2017-04-27 6:00 ` Junio C Hamano
2017-04-28 9:40 ` Johannes Schindelin
2017-05-01 1:19 ` Junio C Hamano
2017-05-01 19:05 ` Johannes Schindelin
2017-04-26 20:19 ` [PATCH 08/26] difftool: close file descriptors after reading Johannes Schindelin
2017-04-27 6:05 ` Junio C Hamano
2017-04-28 9:51 ` Johannes Schindelin
2017-04-26 20:19 ` [PATCH 09/26] status: close file descriptor after reading git-rebase-todo Johannes Schindelin
2017-04-26 20:20 ` [PATCH 10/26] Check for EOF while parsing mails Johannes Schindelin
2017-04-27 6:07 ` Junio C Hamano
2017-04-28 9:55 ` Johannes Schindelin
2017-04-27 6:20 ` Johannes Sixt
2017-04-28 10:41 ` Johannes Schindelin
2017-04-28 11:20 ` Jeff King
2017-04-28 13:33 ` Johannes Schindelin
2017-04-28 13:45 ` Jeff King
2017-04-27 6:21 ` Jeff King
2017-04-28 10:44 ` Johannes Schindelin
2017-04-28 11:08 ` Jeff King
2017-04-28 13:37 ` Johannes Schindelin
2017-04-26 20:20 ` [PATCH 11/26] cat-file: fix memory leak Johannes Schindelin
2017-04-27 6:10 ` Junio C Hamano
2017-04-28 9:59 ` Johannes Schindelin
2017-04-26 20:20 ` [PATCH 12/26] checkout: " Johannes Schindelin
2017-04-27 6:40 ` Junio C Hamano
2017-04-28 10:51 ` Johannes Schindelin
2017-04-26 20:20 ` [PATCH 13/26] split_commit_in_progress(): " Johannes Schindelin
2017-04-26 20:20 ` [PATCH 14/26] setup_bare_git_dir(): " Johannes Schindelin
2017-04-26 21:20 ` Stefan Beller
2017-04-27 22:54 ` Johannes Schindelin
2017-04-27 6:27 ` Johannes Sixt
2017-04-27 22:57 ` Johannes Schindelin
2017-04-26 20:20 ` [PATCH 15/26] setup_discovered_git_dir(): " Johannes Schindelin
2017-04-26 20:20 ` [PATCH 16/26] pack-redundant: plug " Johannes Schindelin
2017-04-26 20:21 ` [PATCH 17/26] mktree: plug memory leaks reported by Coverity Johannes Schindelin
2017-04-26 20:21 ` [PATCH 18/26] fast-export: avoid leaking memory in handle_tag() Johannes Schindelin
2017-04-27 16:39 ` Johannes Sixt
2017-04-28 10:58 ` Johannes Schindelin
2017-04-26 20:21 ` [PATCH 19/26] receive-pack: plug memory leak in update() Johannes Schindelin
2017-04-26 20:21 ` [PATCH 20/26] line-log: avoid memory leak Johannes Schindelin
2017-04-27 17:14 ` Johannes Sixt
2017-04-28 11:02 ` Johannes Schindelin
2017-04-26 20:21 ` [PATCH 21/26] shallow: " Johannes Schindelin
2017-04-26 20:21 ` [PATCH 22/26] add_reflog_for_walk: " Johannes Schindelin
2017-04-27 17:24 ` Johannes Sixt
2017-04-28 11:33 ` Johannes Schindelin
2017-04-26 20:21 ` [PATCH 23/26] remote: plug memory leak in match_explicit() Johannes Schindelin
2017-04-26 20:21 ` [PATCH 24/26] name-rev: avoid leaking memory in the `deref` case Johannes Schindelin
2017-04-26 20:21 ` [PATCH 25/26] show_worktree(): plug memory leak Johannes Schindelin
2017-04-26 20:22 ` [PATCH 26/26] submodule_uses_worktrees(): " Johannes Schindelin
2017-04-26 21:34 ` [PATCH 00/26] Address a couple of issues identified by Coverity Stefan Beller
2017-04-27 22:50 ` Johannes Schindelin
2017-04-28 18:05 ` Stefan Beller
2017-04-28 20:29 ` Automating Coverity, was " Johannes Schindelin
2017-05-01 11:22 ` Lars Schneider
2017-05-02 11:46 ` Johannes Schindelin
2017-05-05 20:30 ` Johannes Schindelin
2017-05-10 19:48 ` Johannes Schindelin
2017-05-10 19:54 ` Stefan Beller
2017-05-11 11:33 ` Johannes Schindelin
2017-04-27 17:36 ` Johannes Sixt
2017-04-28 11:36 ` Johannes Schindelin
2017-04-28 13:49 ` [PATCH v2 00/25] " Johannes Schindelin
2017-04-28 13:49 ` [PATCH v2 01/25] mingw: avoid memory leak when splitting PATH Johannes Schindelin
2017-04-28 13:49 ` [PATCH v2 02/25] winansi: avoid use of uninitialized value Johannes Schindelin
2017-04-28 13:49 ` [PATCH v2 03/25] winansi: avoid buffer overrun Johannes Schindelin
2017-04-28 13:50 ` [PATCH v2 04/25] add_commit_patch_id(): avoid allocating memory unnecessarily Johannes Schindelin
2017-04-28 13:50 ` [PATCH v2 05/25] git_config_rename_section_in_file(): avoid resource leak Johannes Schindelin
2017-04-28 13:50 ` [PATCH v2 06/25] get_mail_commit_oid(): " Johannes Schindelin
2017-04-28 13:50 ` [PATCH v2 07/25] difftool: address a couple of resource/memory leaks Johannes Schindelin
2017-04-28 13:50 ` [PATCH v2 08/25] status: close file descriptor after reading git-rebase-todo Johannes Schindelin
2017-04-28 14:02 ` [PATCH v2 09/25] mailinfo & mailsplit: check for EOF while parsing Johannes Schindelin
2017-05-02 4:11 ` Junio C Hamano
2017-05-02 13:57 ` Johannes Schindelin
2017-04-28 14:03 ` [PATCH v2 10/25] cat-file: fix memory leak Johannes Schindelin
2017-04-28 14:03 ` [PATCH v2 11/25] checkout: " Johannes Schindelin
2017-04-28 14:03 ` [PATCH v2 12/25] split_commit_in_progress(): " Johannes Schindelin
2017-04-28 14:03 ` [PATCH v2 13/25] setup_bare_git_dir(): help static analysis Johannes Schindelin
2017-04-28 14:03 ` [PATCH v2 14/25] setup_discovered_git_dir(): " Johannes Schindelin
2017-05-02 3:57 ` Junio C Hamano
2017-05-02 12:38 ` Johannes Schindelin
2017-04-28 14:03 ` [PATCH v2 15/25] pack-redundant: plug memory leak Johannes Schindelin
2017-04-28 14:03 ` [PATCH v2 16/25] mktree: plug memory leaks reported by Coverity Johannes Schindelin
2017-04-28 14:03 ` [PATCH v2 17/25] fast-export: avoid leaking memory in handle_tag() Johannes Schindelin
2017-04-28 14:03 ` [PATCH v2 18/25] receive-pack: plug memory leak in update() Johannes Schindelin
2017-04-28 14:04 ` [PATCH v2 19/25] line-log: avoid memory leak Johannes Schindelin
2017-04-28 14:04 ` [PATCH v2 20/25] shallow: " Johannes Schindelin
2017-04-28 14:04 ` [PATCH v2 21/25] add_reflog_for_walk: " Johannes Schindelin
2017-04-28 14:04 ` [PATCH v2 22/25] remote: plug memory leak in match_explicit() Johannes Schindelin
2017-04-28 14:04 ` [PATCH v2 23/25] name-rev: avoid leaking memory in the `deref` case Johannes Schindelin
2017-05-02 3:26 ` Junio C Hamano
2017-05-02 3:42 ` Junio C Hamano
2017-05-02 14:00 ` Johannes Schindelin
2017-05-04 4:22 ` Junio C Hamano
2017-04-28 14:04 ` [PATCH v2 24/25] show_worktree(): plug memory leak Johannes Schindelin
2017-05-02 3:22 ` Junio C Hamano
2017-04-28 14:04 ` [PATCH v2 25/25] submodule_uses_worktrees(): " Johannes Schindelin
2017-05-02 3:17 ` Junio C Hamano
2017-05-02 16:00 ` [PATCH v3 00/25] Address a couple of issues identified by Coverity Johannes Schindelin
2017-05-02 16:00 ` [PATCH v3 01/25] mingw: avoid memory leak when splitting PATH Johannes Schindelin
2017-05-03 19:48 ` René Scharfe
2017-05-04 10:29 ` Johannes Schindelin
2017-05-02 16:01 ` [PATCH v3 02/25] winansi: avoid use of uninitialized value Johannes Schindelin
2017-05-03 19:48 ` René Scharfe
2017-05-04 10:23 ` Johannes Schindelin
2017-05-02 16:01 ` [PATCH v3 03/25] winansi: avoid buffer overrun Johannes Schindelin
2017-05-02 16:01 ` [PATCH v3 04/25] add_commit_patch_id(): avoid allocating memory unnecessarily Johannes Schindelin
2017-05-02 16:01 ` [PATCH v3 05/25] git_config_rename_section_in_file(): avoid resource leak Johannes Schindelin
2017-05-02 16:01 ` [PATCH v3 06/25] get_mail_commit_oid(): " Johannes Schindelin
2017-05-02 16:01 ` [PATCH v3 07/25] difftool: address a couple of resource/memory leaks Johannes Schindelin
2017-05-02 16:01 ` [PATCH v3 08/25] status: close file descriptor after reading git-rebase-todo Johannes Schindelin
2017-05-02 16:01 ` [PATCH v3 09/25] mailinfo & mailsplit: check for EOF while parsing Johannes Schindelin
2017-05-02 16:01 ` [PATCH v3 10/25] cat-file: fix memory leak Johannes Schindelin
2017-05-02 16:02 ` [PATCH v3 11/25] checkout: " Johannes Schindelin
2017-05-02 16:02 ` [PATCH v3 12/25] split_commit_in_progress(): " Johannes Schindelin
2017-05-03 20:59 ` René Scharfe
2017-05-04 10:59 ` Johannes Schindelin
2017-05-06 17:13 ` René Scharfe
2017-05-09 13:39 ` Johannes Schindelin
2017-05-02 16:02 ` [PATCH v3 13/25] setup_bare_git_dir(): help static analysis Johannes Schindelin
2017-05-02 16:02 ` [PATCH v3 14/25] setup_discovered_git_dir(): plug memory leak Johannes Schindelin
2017-05-02 17:20 ` Stefan Beller
2017-05-02 18:15 ` Jeff King
2017-05-03 9:35 ` Johannes Schindelin
2017-05-02 16:02 ` [PATCH v3 15/25] pack-redundant: " Johannes Schindelin
2017-05-02 16:02 ` [PATCH v3 16/25] mktree: plug memory leaks reported by Coverity Johannes Schindelin
2017-05-02 16:02 ` [PATCH v3 17/25] fast-export: avoid leaking memory in handle_tag() Johannes Schindelin
2017-05-02 16:02 ` [PATCH v3 18/25] receive-pack: plug memory leak in update() Johannes Schindelin
2017-05-02 16:02 ` [PATCH v3 19/25] line-log: avoid memory leak Johannes Schindelin
2017-05-02 16:02 ` [PATCH v3 20/25] shallow: " Johannes Schindelin
2017-05-02 16:02 ` [PATCH v3 21/25] add_reflog_for_walk: " Johannes Schindelin
2017-05-02 16:02 ` [PATCH v3 22/25] remote: plug memory leak in match_explicit() Johannes Schindelin
2017-05-02 16:02 ` [PATCH v3 23/25] name-rev: avoid leaking memory in the `deref` case Johannes Schindelin
2017-05-02 16:03 ` [PATCH v3 24/25] show_worktree(): plug memory leak Johannes Schindelin
2017-05-02 16:03 ` [PATCH v3 25/25] submodule_uses_worktrees(): " Johannes Schindelin
2017-05-04 13:54 ` [PATCH v4 00/25] Address a couple of issues identified by Coverity Johannes Schindelin
2017-05-04 13:55 ` [PATCH v4 01/25] mingw: avoid memory leak when splitting PATH Johannes Schindelin
2017-05-04 13:55 ` [PATCH v4 02/25] winansi: avoid use of uninitialized value Johannes Schindelin
2017-05-04 13:55 ` [PATCH v4 03/25] winansi: avoid buffer overrun Johannes Schindelin
2017-05-04 13:55 ` [PATCH v4 04/25] add_commit_patch_id(): avoid allocating memory unnecessarily Johannes Schindelin
2017-05-04 13:55 ` [PATCH v4 05/25] git_config_rename_section_in_file(): avoid resource leak Johannes Schindelin
2017-05-04 13:55 ` [PATCH v4 06/25] get_mail_commit_oid(): " Johannes Schindelin
2017-05-04 13:55 ` [PATCH v4 07/25] difftool: address a couple of resource/memory leaks Johannes Schindelin
2017-05-04 13:55 ` [PATCH v4 08/25] status: close file descriptor after reading git-rebase-todo Johannes Schindelin
2017-05-04 13:56 ` [PATCH v4 09/25] mailinfo & mailsplit: check for EOF while parsing Johannes Schindelin
2017-05-04 13:56 ` [PATCH v4 10/25] cat-file: fix memory leak Johannes Schindelin
2017-05-04 13:56 ` [PATCH v4 11/25] checkout: " Johannes Schindelin
2017-05-06 17:14 ` René Scharfe
2017-05-08 0:41 ` Junio C Hamano
2017-05-09 13:42 ` Johannes Schindelin
2017-05-09 22:51 ` Junio C Hamano
2017-05-04 13:56 ` [PATCH v4 12/25] split_commit_in_progress(): simplify & " Johannes Schindelin
2017-05-04 13:56 ` [PATCH v4 13/25] setup_bare_git_dir(): help static analysis Johannes Schindelin
2017-05-04 13:56 ` [PATCH v4 14/25] setup_discovered_git_dir(): plug memory leak Johannes Schindelin
2017-05-04 13:56 ` [PATCH v4 15/25] pack-redundant: " Johannes Schindelin
2017-05-04 13:57 ` [PATCH v4 16/25] mktree: plug memory leaks reported by Coverity Johannes Schindelin
2017-05-04 13:57 ` [PATCH v4 17/25] fast-export: avoid leaking memory in handle_tag() Johannes Schindelin
2017-05-04 13:57 ` [PATCH v4 18/25] receive-pack: plug memory leak in update() Johannes Schindelin
2017-05-04 13:58 ` [PATCH v4 19/25] line-log: avoid memory leak Johannes Schindelin
2017-05-04 13:58 ` [PATCH v4 20/25] shallow: " Johannes Schindelin
2017-05-04 13:58 ` [PATCH v4 21/25] add_reflog_for_walk: " Johannes Schindelin
2017-05-04 13:59 ` [PATCH v4 22/25] remote: plug memory leak in match_explicit() Johannes Schindelin
2017-05-04 13:59 ` [PATCH v4 23/25] name-rev: avoid leaking memory in the `deref` case Johannes Schindelin
2017-05-04 13:59 ` [PATCH v4 24/25] show_worktree(): plug memory leak Johannes Schindelin
2017-05-04 13:59 ` [PATCH v4 25/25] submodule_uses_worktrees(): " Johannes Schindelin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: http://vger.kernel.org/majordomo-info.html
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=2299a84fff0232d90bdd4802bc7be15ff510a168.1493237937.git.johannes.schindelin@gmx.de \
--to=johannes.schindelin@gmx.de \
--cc=git@vger.kernel.org \
--cc=gitster@pobox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://80x24.org/mirrors/git.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).