lib/icu/Win32: paranoid-ify the buffer length checks

Passing `length+1` to `MultiByteToWideChar()` means the function may fill the whole buffer with output data, and could theoretically overwrite the null terminator. In practice, this will never happen, but this way, it's slightly more correct. Also, null-terminate after `MultiByteToWideChar()`, after we got the real output length. Again, this would never have been a problem, but who knows...

lib/icu/Win32: paranoid-ify the buffer length checks
99afe8e6 · Max Kellermann · 169810e8 · 99afe8e6
Commit 99afe8e6 authored May 30, 2020 by Max Kellermann
Hide whitespace changes
Inline Side-by-side

Showing with 4 additions and 4 deletions

Win32.cxx src/lib/icu/Win32.cxx +4 -4

No files found.
--- a/src/lib/icu/Win32.cxx
+++ b/src/lib/icu/Win32.cxx
@@ -35,13 +35,13 @@ WideCharToMultiByte(unsigned code_page, std::wstring_view src)
 		throw MakeLastError("Failed to convert from Unicode");

 	auto buffer = std::make_unique<char[]>(length + 1);
-	buffer[length] = '\0';
 	length = WideCharToMultiByte(code_page, 0, src.data(), src.size(),
-				     buffer.get(), length + 1,
+				     buffer.get(), length,
 				     nullptr, nullptr);
 	if (length <= 0)
 		throw MakeLastError("Failed to convert from Unicode");

+	buffer[length] = '\0';
 	return AllocatedString<char>::Donate(buffer.release());
 }

@@ -54,11 +54,11 @@ MultiByteToWideChar(unsigned code_page, std::string_view src)
 		throw MakeLastError("Failed to convert to Unicode");

 	auto buffer = std::make_unique<wchar_t[]>(length + 1);
-	buffer[length] = L'\0';
 	length = MultiByteToWideChar(code_page, 0, src.data(), src.size(),
-				     buffer.get(), length + 1);
+				     buffer.get(), length);
 	if (length <= 0)
 		throw MakeLastError("Failed to convert to Unicode");

+	buffer[length] = L'\0';
 	return AllocatedString<wchar_t>::Donate(buffer.release());
 }