From 2f89a8e388b74c3f111a2e3c9d43758138e7c4ab Mon Sep 17 00:00:00 2001 From: =?utf8?q?Thomas=20Wei=C3=9Fschuh?= Date: Wed, 13 Sep 2023 00:20:02 +0200 Subject: [PATCH] lib/mbsedit: remove usage of VLA MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit Variable-length-arrays are susceptible to security issues, avoid them. Signed-off-by: Thomas Weißschuh --- lib/mbsedit.c | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/lib/mbsedit.c b/lib/mbsedit.c index ecfa9f4791..9cf4f0f885 100644 --- a/lib/mbsedit.c +++ b/lib/mbsedit.c @@ -157,13 +157,14 @@ static size_t mbs_insert(char *str, wint_t c, size_t *ncells) #ifdef HAVE_WIDECHAR wchar_t wc = (wchar_t) c; - char in_buf[MB_CUR_MAX]; + in = malloc(MB_CUR_MAX); + if (!in) + return -1; - n = wctomb(in_buf, wc); + n = wctomb(in, wc); if (n == (size_t) -1) - return n; + goto out; *ncells = wcwidth(wc); - in = in_buf; #else *ncells = 1; in = (char *) &c; @@ -173,6 +174,10 @@ static size_t mbs_insert(char *str, wint_t c, size_t *ncells) memmove(str + n, str, bytes); memcpy(str, in, n); str[bytes + n] = '\0'; +out: +#ifdef HAVE_WIDECHAR + free(in); +#endif return n; } -- 2.47.3