undef/git-commit-vandalism
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

mingw: fix possible buffer overrun when calling GetUserNameW()

Browse Source 
In 39a98e9b68 (mingw: get pw_name in UTF-8 format, 2019-06-27), this
developer missed the fact that the `GetUserNameW()` function takes the
number of characters as `len` parameter, not the number of bytes.

Reported-by: Beat Bolli <dev+git@drbeat.li>
Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
This commit is contained in:
Johannes Schindelin 2019-07-04 15:36:57 -07:00 committed by Junio C Hamano
parent 94238859b9
commit 697bdd22b8
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
compat/mingw.c
View File

@ -1952,7 +1952,7 @@ struct passwd *getpwuid(int uid)
if (initialized)
return p;
len = sizeof(buf);
len = ARRAY_SIZE(buf);
if (!GetUserNameW(buf, &len)) {
initialized = 1;
return NULL;