1
0
mirror of https://github.com/weechat/weechat.git synced 2026-07-06 01:33:12 +02:00

core: fix buffer overflow in function utf8_next_char and return NULL for empty string

Now the function utf8_next_char with an empty string returns NULL instead of
the next char, which is most of the time after an allocated buffer.

And the function utf8_char_size with an empty string now returns 0 instead of
1.

This indirectly fixes a buffer overflow in function eval_string_range_chars
when the input string is empty (for example when doing `/eval -n ${chars:}`).
This commit is contained in:
Sébastien Helleu
2025-05-10 20:40:09 +02:00
parent 6ecd9e66bf
commit d475c16671
12 changed files with 126 additions and 48 deletions
+10 -4
View File
@@ -242,7 +242,7 @@ utf8_prev_char (const char *string_start, const char *string)
const char *
utf8_next_char (const char *string)
{
if (!string)
if (!string || !string[0])
return NULL;
/* UTF-8, 2 bytes: 110vvvvv 10vvvvvv */
@@ -311,7 +311,7 @@ utf8_end_of_line (const char *string)
if (!string)
return NULL;
while (string[0] && (string[0] != '\n'))
while (string && string[0] && (string[0] != '\n'))
{
string = utf8_next_char (string);
}
@@ -451,10 +451,16 @@ utf8_int_string (unsigned int unicode_value, char *string)
int
utf8_char_size (const char *string)
{
if (!string)
const char *ptr_next;
if (!string || !string[0])
return 0;
return utf8_next_char (string) - string;
ptr_next = utf8_next_char (string);
if (!ptr_next)
return 0;
return ptr_next - string;
}
/*