gre-ilya/libuv
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

win: add overflow check in make_program_args()

Browse Source 
The command-line buffer size computation at dst_len * 2 + arg_count * 2
can overflow size_t on 32-bit systems when the total argument length is
large. Add a check before the arithmetic to reject inputs that would
cause the multiplication or addition to wrap.
This commit is contained in:
Ali Raza 2026-03-07 03:08:34 +05:00
parent f8343313b1
commit ac46074797
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/win/process.c
View File

@ -546,6 +546,10 @@ int make_program_args(char** args, int verbatim_arguments, WCHAR** dst_ptr) {
/* Adjust for potential quotes. Also assume the worst-case scenario that
* every character needs escaping, so we need twice as much space. */
if (dst_len > (SIZE_MAX / sizeof(WCHAR) - arg_count * 2) / 2) {
err = UV_EINVAL;
goto error;
}
dst_len = dst_len * 2 + arg_count * 2;
/* Allocate buffer for the final command line. */