3f4654 __ntapi_tt_array_convert_utf8_to_utf16(): outer loop: boundary checking.

Authored and Committed by midipix a year ago
    __ntapi_tt_array_convert_utf8_to_utf16(): outer loop: boundary checking.
    
        
src/argv/ntapi_tt_array_utf8.c CHANGED
@@ -307,7 +307,7 @@ int32_t __stdcall __ntapi_tt_array_convert_utf8_to_utf16(
307
307
ubound--;
308
308
ubound--;
309
309
310
- for (; arrv && *arrv; arrv++,warrv++) {
310
+ for (; arrv && *arrv && (wch<ubound); arrv++,warrv++) {
311
311
*warrv = wch - wdiff;
312
312
ch = *arrv + diff;
313
313
@@ -385,6 +385,9 @@ int32_t __stdcall __ntapi_tt_array_convert_utf8_to_utf16(
385
385
*wch++ = 0;
386
386
}
387
387
388
+ if (wch == ubound)
389
+ return NT_STATUS_BUFFER_TOO_SMALL;
390
+
388
391
*wch++ = 0;
389
392
*warrv = 0;
390
393
*bytes_written = sizeof(wchar16_t) * (wch - buffer);