luc14n0/glib
1
0
Fork 0
mirror of https://gitlab.gnome.org/GNOME/glib.git synced 2025-12-12 03:23:03 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'backport-4935-file-attribute-maths-glib-2-86' into 'glib-2-86'

Browse Source 
Backport !4935 “gfileattribute: Fix integer overflow calculating escaping for byte strings” to glib-2-86

See merge request GNOME/glib!4936
This commit is contained in:
Marco Trevisan
2025-12-06 01:01:37 +01:00
parent 5ea88e2d93 4f0399c0aa
commit 8a107c7fab
1 changed files with 9 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
gio/gfileattribute.c
View File

@@ -22,6 +22,7 @@
#include "config.h"
#include <stdint.h>
#include <string.h>
#include "gfileattribute.h"
@@ -166,11 +167,12 @@ valid_char (char c)
return c >= 32 && c <= 126 && c != '\\';
}
/* Returns NULL on error */
static char *
escape_byte_string (const char *str)
{
size_t i, len;
int num_invalid;
size_t num_invalid;
char *escaped_val, *p;
unsigned char c;
const char hex_digits[] = "0123456789abcdef";
@@ -188,7 +190,12 @@ escape_byte_string (const char *str)
return g_strdup (str);
else
{
escaped_val = g_malloc (len + num_invalid*3 + 1);
/* Check for overflow. We want to check the inequality:
* !(len + num_invalid * 3 + 1 > SIZE_MAX) */
if (num_invalid >= (SIZE_MAX - len) / 3)
return NULL;
escaped_val = g_malloc (len + num_invalid * 3 + 1);
p = escaped_val;
for (i = 0; i < len; i++)