nhyatt/putty-source
1
0
Fork 0
mirror of https://git.tartarus.org/simon/putty.git synced 2025-01-10 09:58:01 +00:00
Code Issues Projects Releases Wiki Activity
3f76a86c13
putty-source/unix
History
Simon Tatham cf41bc0c62 Unix mb_to_wc: add missing bounds checks. 
Checking various implementations of these functions against each
other, I noticed by eyeball review that some of the special cases in
mb_to_wc() never check the buffer limit at all. Yikes!

Fortunately, I think there's no vulnerability, because these special
cases are ones that write out at most one wide char per multibyte
char, and at all the call sites (including dup_mb_to_wc) we allocate
that much even for the first attempt. The only exception to that is
the call in key_event() in unix/window.c, which uses a fixed-size
output buffer, but its input will always be the data generated by an X
keystroke event. So that one can only overrun the buffer if an X key
event manages to translate into more than 32 wide characters of text -
and even if that does come up in some exotic edge case, it will at
least not be happening under _enemy_ control.
2022-03-12 18:51:21 +00:00
..
utils Update source file names in comments and docs. 2022-01-22 15:51:31 +00:00
agent-client.c Rename most of the platform source files. 2021-04-26 18:00:01 +01:00
agent-socket.c Rename most of the platform source files. 2021-04-26 18:00:01 +01:00
askpass.c Rename most of the platform source files. 2021-04-26 18:00:01 +01:00
cliloop.c Rename most of the platform source files. 2021-04-26 18:00:01 +01:00
CMakeLists.txt Richer data type for interactive prompt results. 2021-12-28 18:08:31 +00:00
columns.c Update source file names in comments and docs. 2022-01-22 15:51:31 +00:00
columns.h GTK: allow Event Log list box to grow vertically. 2021-12-21 10:53:41 +00:00
config-gtk.c Update source file names in comments and docs. 2022-01-22 15:51:31 +00:00
config-unix.c Update source file names in comments and docs. 2022-01-22 15:51:31 +00:00
console.c Update source file names in comments and docs. 2022-01-22 15:51:31 +00:00
dialog.c Update source file names in comments and docs. 2022-01-22 15:51:31 +00:00
fd-socket.c Update source file names in comments and docs. 2022-01-22 15:51:31 +00:00
gss.c Rename most of the platform source files. 2021-04-26 18:00:01 +01:00
gtk-common.c Update source file names in comments and docs. 2022-01-22 15:51:31 +00:00
gtkcompat.h gtkcompat.h: fix GTK1 implementation of ref_sink. 2019-11-02 08:26:14 +00:00
gtkmisc.h Convert a lot of 'int' variables to 'bool'. 2018-11-03 13:45:00 +00:00
keygen-noise.c Update source file names in comments and docs. 2022-01-22 15:51:31 +00:00
local-proxy.c Update source file names in comments and docs. 2022-01-22 15:51:31 +00:00
main-gtk-application.c Update source file names in comments and docs. 2022-01-22 15:51:31 +00:00
main-gtk-simple.c Update source file names in comments and docs. 2022-01-22 15:51:31 +00:00
network.c net_service_lookup: add missing 'const'. 2022-01-22 15:51:33 +00:00
no-gtk.c Update source file names in comments and docs. 2022-01-22 15:51:31 +00:00
noise.c Rename most of the platform source files. 2021-04-26 18:00:01 +01:00
osxlaunch.c osxlaunch: stop setting DYLD_LIBRARY_PATH. 2017-12-20 10:04:02 +00:00
pageant.c Update source file names in comments and docs. 2022-01-22 15:51:31 +00:00
peerinfo.c Rename most of the platform source files. 2021-04-26 18:00:01 +01:00
platform.h Move predeclaration of struct unicode_data into defs.h. 2022-03-12 18:51:21 +00:00
plink.c Update source file names in comments and docs. 2022-01-22 15:51:31 +00:00
printing.c Update source file names in comments and docs. 2022-01-22 15:51:31 +00:00
procnet.c Generalise strbuf_catf() into put_fmt(). 2021-11-19 11:32:47 +00:00
psocks.c Rename most of the platform source files. 2021-04-26 18:00:01 +01:00
psusan.c Merge be_*.c into one ifdef-controlled module. 2021-11-26 17:58:55 +00:00
pterm-config-xpm.c Rename most of the platform source files. 2021-04-26 18:00:01 +01:00
pterm-xpm.c Rename most of the platform source files. 2021-04-26 18:00:01 +01:00
pterm.bundle OS X makefile: stop depending on JHBUILD_PREFIX. 2017-11-26 11:45:48 +00:00
pterm.c Update source file names in comments and docs. 2022-01-22 15:51:31 +00:00
pterm.plist Whitespace rationalisation of entire code base. 2019-09-08 20:29:21 +01:00
pty.c Proper backlog handling in Unix pty backend. 2021-12-20 13:14:40 +00:00
putty-config-xpm.c Rename most of the platform source files. 2021-04-26 18:00:01 +01:00
putty-xpm.c Rename most of the platform source files. 2021-04-26 18:00:01 +01:00
putty.bundle OS X makefile: stop depending on JHBUILD_PREFIX. 2017-11-26 11:45:48 +00:00
putty.c Update source file names in comments and docs. 2022-01-22 15:51:31 +00:00
putty.plist Whitespace rationalisation of entire code base. 2019-09-08 20:29:21 +01:00
serial.c Add memsets after allocation of all Backend implementors. 2021-10-30 17:28:28 +01:00
sftp.c Update source file names in comments and docs. 2022-01-22 15:51:31 +00:00
sftpserver.c Rename most of the platform source files. 2021-04-26 18:00:01 +01:00
sharing.c Pass an Interactor to new_connection(). 2021-10-30 18:19:56 +01:00
storage.c Update source file names in comments and docs. 2022-01-22 15:51:31 +00:00
unicode.c Unix mb_to_wc: add missing bounds checks. 2022-03-12 18:51:21 +00:00
unifont.c Generalise strbuf_catf() into put_fmt(). 2021-11-19 11:32:47 +00:00
unifont.h Update source file names in comments and docs. 2022-01-22 15:51:31 +00:00
uppity.c Add --allow/deny-auth to Uppity usage message. 2022-01-11 23:57:39 +00:00
uxsel.c Update source file names in comments and docs. 2022-01-22 15:51:31 +00:00
window.c GTK: fix junk in window margin with fixed-size windows. 2022-02-03 18:44:46 +00:00
x11.c Update source file names in comments and docs. 2022-01-22 15:51:31 +00:00
x11misc.h Update source file names in comments and docs. 2022-01-22 15:51:31 +00:00