From: Grant Erickson <gerickson@nuovations.com>
To: ell@lists.linux.dev
Cc: Marcel Holtmann <marcel@holtmann.org>
Subject: [RFC PATCH v5] edit: improve error handling of 'mbstowcs' and 'wcstombs' functions.
Date: Thu, 4 Apr 2024 17:20:11 -0700 [thread overview]
Message-ID: <20240405002011.3480886-9-gerickson@nuovations.com> (raw)
In-Reply-To: <20240405002011.3480886-1-gerickson@nuovations.com>
On error, the 'mbstowcs' and 'wcstombs' functions could return
'SIZE_MAX' when encountering unconvertible character sequences.
Ensure that such errors are not obscured and are passed along to the
caller.
---
ell/edit.c | 53 ++++++++++++++++++++++++++++++++++++++++++++---------
1 file changed, 44 insertions(+), 9 deletions(-)
diff --git a/ell/edit.c b/ell/edit.c
index 6747f92e289e..5551ae52bfdb 100644
--- a/ell/edit.c
+++ b/ell/edit.c
@@ -104,10 +104,16 @@ static void reset_input_buf(struct input_buf *buf, const char *input)
if (input) {
size_t len;
- /* Calculate the required size of the wide character string
- * including its terminating null character.
+ /* Calculate the required size of the wide character string.
*/
- len = mbstowcs(NULL, input, 0) + 1;
+ len = mbstowcs(NULL, input, 0);
+ if (len == SIZE_MAX)
+ return;
+
+ /* Increase the size of the wide character string by one to
+ * cover its terminating null character.
+ */
+ len += 1;
/* If the current buffer is to small, then allocate a new
* one and free the previous one. Since in most cases the
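Review bot: The new `if (len == SIZE_MAX) return;` exits silently from a `void` function, so the failure is not passed to the caller as the commit message intends. The buffer keeps whatever text it held before the call. A caller that assumes the buffer now reflects `input` would go on working with stale contents. Either give reset_input_buf an `int` return like the other functions in this series, or fall back to the empty-string reset on this path and document it with `/* Conversion failed: reset to an empty string rather than keep stale input. */`. The function body continues outside this hunk.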
@@ -125,6 +131,9 @@ static void reset_input_buf(struct input_buf *buf, const char *input)
* and then move the cursor to the end.
*/
buf->len = mbstowcs(buf->buf, input, buf->size);
+ if (buf->len == SIZE_MAX)
+ return;
+
buf->pos = buf->len;
} else {
/* Reset the main item to an empty string */
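Review bot: The second mbstowcs() result is written into `buf->len` before it is checked, so on failure the function returns with `buf->len == SIZE_MAX` and `buf->pos` not updated. Any later code that trusts the length (for instance the `edit->main->len > 0` test visible in l_edit_enter, if that is the same buffer type) would then see a huge value and could index past the allocation. Convert into a local first: `size_t n = mbstowcs(buf->buf, input, buf->size);`, `if (n == SIZE_MAX) return;`, `buf->len = n;`. The contents of `buf->buf` after a failed conversion are not defined, so resetting it to an empty string on that path is also worth considering. The function starts and ends outside the hunk.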
@@ -197,6 +206,7 @@ static void update_debug(struct l_edit *edit)
struct l_string *str;
char *tmp;
size_t len;
+ size_t status;
unsigned int pos = 0;
if (!edit->debug_handler)
@@ -218,9 +228,14 @@ static void update_debug(struct l_edit *edit)
buf = edit->head;
while (buf) {
- len = wcstombs(NULL, buf->buf, 0) + 1;
+ len = wcstombs(NULL, buf->buf, 0);
+ if (len == SIZE_MAX)
+ return;
+ len += 1;
tmp = l_malloc(len);
- wcstombs(tmp, buf->buf, len);
+ status = wcstombs(tmp, buf->buf, len);
+ if (status == SIZE_MAX)
+ return;
l_string_append_printf(str, "%3u %s\n", pos, tmp);
l_free(tmp);
pos++;
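Review bot: The early `return` after the second wcstombs() leaks `tmp`, which was just obtained from `l_malloc(len)`; l_edit_history_save in this same patch frees it on the equivalent path. Add `l_free(tmp);` before that return. Both new returns also leave `str` unreleased, and it appears to be allocated before the loop, outside this hunk, so it needs freeing on these paths as well. Since update_debug is a diagnostic helper, skipping the unconvertible entry and continuing may be preferable to dropping the whole debug dump.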
@@ -415,9 +430,18 @@ LIB_EXPORT int l_edit_enter(struct l_edit *edit, char **line)
/* Convert the wide character string into the multibyte string
* representation like UTF-8 for example.
*/
- len = wcstombs(NULL, edit->main->buf, 0) + 1;
+ len = wcstombs(NULL, edit->main->buf, 0);
+ if (len == SIZE_MAX)
+ return -EILSEQ;
+
+ len += 1;
+
str = l_malloc(len);
- wcstombs(str, edit->main->buf, len);
+ if (!str)
+ return -ENOMEM;
+
+ if (wcstombs(str, edit->main->buf, len) == SIZE_MAX)
+ return -EILSEQ;
if (edit->main->len > 0) {
/* If the current entered item is different from the first
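Review bot: When the second wcstombs() fails, `return -EILSEQ;` leaves `str` allocated; release it first with `l_free(str);`. The `if (!str) return -ENOMEM;` check is not applied after any other `l_malloc()` call in this patch. As far as I know, ell's l_malloc() aborts on allocation failure, which would make this branch unreachable, so confirm that and either drop the check or apply it consistently. The rest of l_edit_enter lies outside the hunk, so whether `*line` is left untouched on these error returns should be checked and documented for callers.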
@@ -775,10 +799,21 @@ LIB_EXPORT int l_edit_history_save(struct l_edit *edit, const char *pathname)
while (buf) {
char *tmp;
size_t len;
+ size_t status;
- len = wcstombs(NULL, buf->buf, 0) + 1;
+ len = wcstombs(NULL, buf->buf, 0);
+ if (len == SIZE_MAX) {
+ close(fd);
+ return -EILSEQ;
+ }
+ len += 1;
tmp = l_malloc(len);
- wcstombs(tmp, buf->buf, len);
+ status = wcstombs(tmp, buf->buf, len);
+ if (status == SIZE_MAX) {
+ l_free(tmp);
+ close(fd);
+ return -EILSEQ;
+ }
dprintf(fd, "%s\n", tmp);
l_free(tmp);
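Review bot: Returning `-EILSEQ` from inside the loop closes `fd` correctly, but entries already written by `dprintf` stay in the file. One unconvertible history item therefore leaves a partially written history at `pathname`. If the file is opened with truncation (the open call is outside this hunk), the previous history is lost as well. Consider converting all entries before writing, or writing to a temporary file and renaming it on success. The two identical cleanup sequences could also share a single `goto`-style exit label so that later error paths cannot forget `close(fd)`.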
--
2.42.0