| www.delorie.com/archives/browse.cgi | search |
| DMARC-Filter: | OpenDMARC Filter v1.4.2 delorie.com 53O6gKw22618270 |
| Authentication-Results: | delorie.com; dmarc=pass (p=none dis=none) header.from=cygwin.com |
| Authentication-Results: | delorie.com; spf=pass smtp.mailfrom=cygwin.com |
| DKIM-Filter: | OpenDKIM Filter v2.11.0 delorie.com 53O6gKw22618270 |
| Authentication-Results: | delorie.com; |
| dkim=pass (1024-bit key, unprotected) header.d=cygwin.com header.i=@cygwin.com header.a=rsa-sha256 header.s=default header.b=FvUFcaNU | |
| X-Recipient: | archive-cygwin AT delorie DOT com |
| DKIM-Filter: | OpenDKIM Filter v2.11.0 sourceware.org A42F4385780C |
| DKIM-Signature: | v=1; a=rsa-sha256; c=relaxed/relaxed; d=cygwin.com; |
| s=default; t=1745476938; | |
| bh=WFulHfdZYXGwd6cCsBAHVxjuAdlT4AZw7edlpBL8TdI=; | |
| h=Date:Subject:To:References:In-Reply-To:List-Id:List-Unsubscribe: | |
| List-Archive:List-Post:List-Help:List-Subscribe:From:Reply-To: | |
| From; | |
| b=FvUFcaNUH08xnoDEJ+B8EvzMlZyIiMmz75M+SkURjgcCwNnfvaxzgwGZxZgmeVFXB | |
| YccfW3IuhMA+cCnMHzedGmz+A9Kv0UTCELADvAYUGIO11OrM4PKBicu4fH74GpaApQ | |
| FShWEEKj1fhQerqiEsROO4PkGzmMj7sLI1YS3cLw= | |
| X-Original-To: | cygwin AT cygwin DOT com |
| Delivered-To: | cygwin AT cygwin DOT com |
| DMARC-Filter: | OpenDMARC Filter v1.4.2 sourceware.org 77B6A3858D26 |
| ARC-Filter: | OpenARC Filter v1.0.0 sourceware.org 77B6A3858D26 |
| ARC-Seal: | i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1745476912; cv=none; |
| b=b+8XO0dO99CrDNESvd475wfsfhSYTxxLv0BemZbqvFKnD90mylNGd7kfis0IxEi5HXDbBZPELy9nHQnskNa8+a8Y4m1ku52SfJYc5TzM+0DawdRNB0Ay6Ill7Eo5C/gS1ijK4RoyIjkeqQ7f95h4DxGwLjljGzhU3td8pes/YWY= | |
| ARC-Message-Signature: | i=1; a=rsa-sha256; d=sourceware.org; s=key; |
| t=1745476912; c=relaxed/simple; | |
| bh=HocvfHQNWFxShhu3qNv0Oe0ImXJDCz4NoV+9K6aoVxQ=; | |
| h=Message-ID:Date:MIME-Version:Subject:To:From; | |
| b=XOflZYxTV7JZ3JplE8bCBlAqXykoJMZh7weNmLMKX7VOysmhKW5BdB0GMDzD7NCPjXsycHZPDn6VyIGZvt8Q1fvOmhge8Xm7eVqO7AOWdi8/L6ULZ0nHoNX13nYnzfh8xpnmgMM2CAf2MbKh+rEkeSW7vMpP9oKbhPJdZMtCioY= | |
| ARC-Authentication-Results: | i=1; server2.sourceware.org |
| DKIM-Filter: | OpenDKIM Filter v2.11.0 sourceware.org 77B6A3858D26 |
| Message-ID: | <1ec4a4d8-69eb-4b6f-8216-d9248b338815@maxrnd.com> |
| Date: | Wed, 23 Apr 2025 23:41:57 -0700 |
| MIME-Version: | 1.0 |
| User-Agent: | Mozilla Thunderbird |
| Subject: | Re: cygstart: buffer overflow when a URI is passed |
| (cygutils-1.4.17-[23]) | |
| To: | cygwin AT cygwin DOT com |
| References: | <502f1b04-bc0e-4aba-b150-7b9ea3c5ba3b AT gmail DOT com> |
| <aa2914e5-9a39-cc64-09b0-4fb4563a8706 AT t-online DOT de> | |
| <7850c4a6-2683-43f9-9d3b-6f4c164b2cb6 AT maxrnd DOT com> | |
| <172cbec2-4f19-4bc3-b501-c5ffede1e11a AT maxrnd DOT com> | |
| <cb4802e0-8c74-847d-d48e-2018de870815 AT t-online DOT de> | |
| In-Reply-To: | <cb4802e0-8c74-847d-d48e-2018de870815@t-online.de> |
| X-BeenThere: | cygwin AT cygwin DOT com |
| X-Mailman-Version: | 2.1.30 |
| List-Id: | General Cygwin discussions and problem reports <cygwin.cygwin.com> |
| List-Unsubscribe: | <https://cygwin.com/mailman/options/cygwin>, |
| <mailto:cygwin-request AT cygwin DOT com?subject=unsubscribe> | |
| List-Archive: | <https://cygwin.com/pipermail/cygwin/> |
| List-Post: | <mailto:cygwin AT cygwin DOT com> |
| List-Help: | <mailto:cygwin-request AT cygwin DOT com?subject=help> |
| List-Subscribe: | <https://cygwin.com/mailman/listinfo/cygwin>, |
| <mailto:cygwin-request AT cygwin DOT com?subject=subscribe> | |
| From: | Mark Geisert via Cygwin <cygwin AT cygwin DOT com> |
| Reply-To: | Mark Geisert <mark AT maxrnd DOT com> |
| Errors-To: | cygwin-bounces~archive-cygwin=delorie DOT com AT cygwin DOT com |
| Sender: | "Cygwin" <cygwin-bounces~archive-cygwin=delorie DOT com AT cygwin DOT com> |
| X-MIME-Autoconverted: | from base64 to 8bit by delorie.com id 53O6gKw22618270 |
On 4/23/2025 3:59 AM, Christian Franke via Cygwin wrote: > Mark Geisert via Cygwin wrote: >> Drat, typo alert: >> >>> It looks to me like that 'if' statement should read >>> Â Â if (mbstowcs (*wcs_path, *mbs_path, len) ... >> >> Â Â Â if (mbstowcs (*wcspath, mbs_path, len) ... >> > > Use 'len + 1', otherwise the result would possibly be not null terminated. > > POSIX says: "The array shall not be zero-terminated if the value > returned is /n/.". > Linux mbstowcs(3) says: "... the programmer should make sure dsize is > greater than or equal to mbstowcs(NULL,src,0)+1." > > Example: [...] Thank you for the demonstration code. I was actually asking about something more subtle in the cygstart code but muffed that with typos; you've answered that question as well :). A new version 1.4.17-4 of the cygutils packages with a corrected 'cygstart' is now making its way to the mirrors. Thanks all, ..mark -- Problem reports: https://cygwin.com/problems.html FAQ: https://cygwin.com/faq/ Documentation: https://cygwin.com/docs.html Unsubscribe info: https://cygwin.com/ml/#unsubscribe-simple
| webmaster | delorie software privacy |
| Copyright © 2019 by DJ Delorie | Updated Jul 2019 |