mirror of
https://git.tartarus.org/simon/putty.git
synced 2025-04-15 01:58:05 -05:00

Checking various implementations of these functions against each other, I noticed by eyeball review that some of the special cases in mb_to_wc() never check the buffer limit at all. Yikes! Fortunately, I think there's no vulnerability, because these special cases are ones that write out at most one wide char per multibyte char, and at all the call sites (including dup_mb_to_wc) we allocate that much even for the first attempt. The only exception to that is the call in key_event() in unix/window.c, which uses a fixed-size output buffer, but its input will always be the data generated by an X keystroke event. So that one can only overrun the buffer if an X key event manages to translate into more than 32 wide characters of text - and even if that does come up in some exotic edge case, it will at least not be happening under _enemy_ control.
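The bug class the message describes, as an added example that is not PuTTY's code: a hypothetical single-byte conversion path that never consults its output limit, beside one that does. The function names and the 64-element backing array are assumptions made so the demonstration itself stays in bounds; the limit of 32 wide characters is the figure given in the message.

```c
#include <stdio.h>
#include <string.h>
#include <wchar.h>

/* Hypothetical single-byte special case: one wide char per input byte.
 * Mirrors the flaw described above: 'wclen' is accepted but never consulted. */
static size_t sb_to_wc_unchecked(const char *mb, size_t mblen,
                                 wchar_t *wc, size_t wclen)
{
    size_t n = 0;
    (void)wclen;
    for (size_t i = 0; i < mblen; i++)
        wc[n++] = (wchar_t)(unsigned char)mb[i];
    return n;
}

/* Same conversion, stopping once the caller's limit is reached. */
static size_t sb_to_wc_checked(const char *mb, size_t mblen,
                               wchar_t *wc, size_t wclen)
{
    size_t n = 0;
    for (size_t i = 0; i < mblen && n < wclen; i++)
        wc[n++] = (wchar_t)(unsigned char)mb[i];
    return n;
}

#define CLAIMED_LIMIT 32   /* the fixed-size case mentioned in the message */
#define BACKING_SIZE  64   /* real allocation (assumption) so the demo stays in bounds */

/* Returns how many wide chars were written when the caller claims room
 * for CLAIMED_LIMIT but supplies 'mblen' (<= BACKING_SIZE) input bytes. */
static size_t written_with_limit(int checked, size_t mblen)
{
    char in[BACKING_SIZE];
    wchar_t out[BACKING_SIZE];
    if (mblen > BACKING_SIZE) mblen = BACKING_SIZE;
    memset(in, 'A', sizeof in);            /* constructed sample input */
    return checked ? sb_to_wc_checked(in, mblen, out, CLAIMED_LIMIT)
                   : sb_to_wc_unchecked(in, mblen, out, CLAIMED_LIMIT);
}

int main(void)
{
    printf("20 bytes: unchecked=%zu checked=%zu\n",
           written_with_limit(0, 20), written_with_limit(1, 20));
    printf("40 bytes: unchecked=%zu checked=%zu\n",
           written_with_limit(0, 40), written_with_limit(1, 40));
    return 0;
}
```

With input no longer than the claimed limit the two paths agree, which is why callers that allocate one wide char per input byte are unaffected; only the fixed-size caller depends on the check.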
This is the README for PuTTY, a free Windows and Unix Telnet and SSH client.

PuTTY is built using CMake <https://cmake.org/>. To compile in the simplest way (on any of Linux, Windows or Mac), run these commands in the source directory:

  cmake .
  cmake --build .

Documentation (in various formats including Windows Help and Unix `man' pages) is built from the Halibut (`.but') files in the `doc' subdirectory using `doc/Makefile'. If you aren't using one of our source snapshots, you'll need to do this yourself. Halibut can be found at <https://www.chiark.greenend.org.uk/~sgtatham/halibut/>.

The PuTTY home web site is

  https://www.chiark.greenend.org.uk/~sgtatham/putty/

If you want to send bug reports or feature requests, please read the Feedback section of the web site before doing so. Sending one-line reports saying `it doesn't work' will waste your time as much as ours.

See the file LICENCE for the licence conditions.
Languages: C 89.7%, Python 8%, Perl 0.9%, CMake 0.8%, Shell 0.4%, Other 0.1%