diff mbox series

[Openvpn-devel,v1] iservice: check return value of MultiByteToWideChar

Message ID 20251030194736.2151-1-gert@greenie.muc.de
State New
Headers show
Series [Openvpn-devel,v1] iservice: check return value of MultiByteToWideChar | expand

Commit Message

Gert Doering Oct. 30, 2025, 7:47 p.m. UTC 
From: Heiko Hund <heiko@ist.eigentlich.net>

If the first call to MultiByteToWideChar returns 0, something must have
failed, because it returns the required buffer size including the
terminating zero. When it does return 0, just return NULL and indicate
that the call to utf8to16(_size) failed.

Found by ZeroPath.

Reported-By: Joshua Rogers <contact@joshua.hu>
Change-Id: I92804da010bab36cd0326759c04f955f2bda74de
Signed-off-by: Heiko Hund <heiko@ist.eigentlich.net>
Acked-by: Gert Doering <gert@greenie.muc.de>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1306
---

This change was reviewed on Gerrit and approved by at least one
developer. I request to merge it to master.

Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1306
This mail reflects revision 1 of this Change.

Acked-by according to Gerrit (reflected above):
Gert Doering <gert@greenie.muc.de>

Comments

Gert Doering Oct. 30, 2025, 9:14 p.m. UTC | #1 
Not sure if MultiByteToWideChar() could ever fail here (UTF8 decoding
errors are only reported if MB_ERR_INVALID_CHARS is passed in), but
then, checking for an error here will ensure that we can't crash 
further down.  So, good practice.

I have verified that all callers of utf8to16_size() and utf8to16()
can handle NULL returns fine, so this is safe.

Your patch has been applied to the master and release/2.6 branch
(bugfix, with some shoehorning).

commit fdd4072541ba52e297c19672d3b1e7021d14bc91 (master)
commit 5b5fdb05d969abc0be7a701c752821299cb98d5e (release/2.6)
Author: Heiko Hund
Date:   Thu Oct 30 20:47:31 2025 +0100

     iservice: check return value of MultiByteToWideChar

     Signed-off-by: Heiko Hund <heiko@ist.eigentlich.net>
     Acked-by: Gert Doering <gert@greenie.muc.de>
     Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1306
     Message-Id: <20251030194736.2151-1-gert@greenie.muc.de>
     URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg34071.html
     Signed-off-by: Gert Doering <gert@greenie.muc.de>


--
kind regards,

Gert Doering
diff mbox series

Patch

diff --git a/src/openvpnserv/common.c b/src/openvpnserv/common.c
index e975cc7..d25d9c0 100644
--- a/src/openvpnserv/common.c
+++ b/src/openvpnserv/common.c
@@ -276,6 +276,10 @@ 
 utf8to16_size(const char *utf8, int size)
 {
     int n = MultiByteToWideChar(CP_UTF8, 0, utf8, size, NULL, 0);
+    if (n == 0)
+    {
+        return NULL;
+    }
     wchar_t *utf16 = malloc(n * sizeof(wchar_t));
     if (!utf16)
     {