Mark Geisert via Cygwin wrote:
Drat, typo alert:
It looks to me like that 'if' statement should read
if (mbstowcs (*wcs_path, *mbs_path, len) ...
if (mbstowcs (*wcspath, mbs_path, len) ...
Use 'len + 1', otherwise the result would possibly be not null terminated.
POSIX says: "The array shall not be zero-terminated if the value
returned is /n/.".
Linux mbstowcs(3) says: "... the programmer should make sure dsize is
greater than or equal to mbstowcs(NULL,src,0)+1."
Example:
#include <stdio.h>
#include <stdlib.h>
int main()
{
const char src[] = "123";
wchar_t dst[4] = L"...!";
size_t len = mbstowcs(NULL, src, 0);
printf("len=%zu\n", len);
mbstowcs(dst, src, len);
printf("len: '%.4S'\n", dst);
mbstowcs(dst, src, len+1);
printf("len+1: '%.4S'\n", dst);
printf("len+2:\n");
mbstowcs(dst, src, len+2);
return 0;
}
Result if compiled with -O -D_FORTIFY_SOURCE:
len=3
len: '123!'
len+1: '123'
len+2:
*** buffer overflow detected ***: terminated
Aborted
--
Regards,
Christian
--
Problem reports: https://cygwin.com/problems.html
FAQ: https://cygwin.com/faq/
Documentation: https://cygwin.com/docs.html
Unsubscribe info: https://cygwin.com/ml/#unsubscribe-simple
