Skip to content

Commit b5d3c43

Browse files
cbrackencbracken
authored
Check string size before Win32 MultiByte <-> WideChar conversions (flutter#99729)
This patch adds an additional check to ensure the target length of a string is within the supported maximum string length prior to calling WideCharToMultiByte/MultiByteToWideChar in the Windows runner template. This is to prevent resize() from failing if called with a count > std::string::max_size(). According to Win32 API docs (WideCharToMultiByte, MultiByteToWideChar) it's the caller responsibility to make sure the buffers are correctly allocated. Authored by: Tomasz Gucio <[email protected]>
1 parent dfd8bde commit b5d3c43

File tree

4 files changed

+12
-12
lines changed
  • dev
    • integration_tests/flutter_gallery/windows/runner
    • manual_tests/windows/runner
  • examples/api/windows/runner
  • packages/flutter_tools/templates/app_shared/windows.tmpl/runner

4 files changed

+12
-12
lines changed

dev/integration_tests/flutter_gallery/windows/runner/utils.cpp

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -48,10 +48,10 @@ std::string Utf8FromUtf16(const wchar_t* utf16_string) {
4848
int target_length = ::WideCharToMultiByte(
4949
CP_UTF8, WC_ERR_INVALID_CHARS, utf16_string,
5050
-1, nullptr, 0, nullptr, nullptr);
51-
if (target_length == 0) {
52-
return std::string();
53-
}
5451
std::string utf8_string;
52+
if (target_length == 0 || target_length > utf8_string.max_size()) {
53+
return utf8_string;
54+
}
5555
utf8_string.resize(target_length);
5656
int converted_length = ::WideCharToMultiByte(
5757
CP_UTF8, WC_ERR_INVALID_CHARS, utf16_string,

dev/manual_tests/windows/runner/utils.cpp

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -48,10 +48,10 @@ std::string Utf8FromUtf16(const wchar_t* utf16_string) {
4848
int target_length = ::WideCharToMultiByte(
4949
CP_UTF8, WC_ERR_INVALID_CHARS, utf16_string,
5050
-1, nullptr, 0, nullptr, nullptr);
51-
if (target_length == 0) {
52-
return std::string();
53-
}
5451
std::string utf8_string;
52+
if (target_length == 0 || target_length > utf8_string.max_size()) {
53+
return utf8_string;
54+
}
5555
utf8_string.resize(target_length);
5656
int converted_length = ::WideCharToMultiByte(
5757
CP_UTF8, WC_ERR_INVALID_CHARS, utf16_string,

examples/api/windows/runner/utils.cpp

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -48,10 +48,10 @@ std::string Utf8FromUtf16(const wchar_t* utf16_string) {
4848
int target_length = ::WideCharToMultiByte(
4949
CP_UTF8, WC_ERR_INVALID_CHARS, utf16_string,
5050
-1, nullptr, 0, nullptr, nullptr);
51-
if (target_length == 0) {
52-
return std::string();
53-
}
5451
std::string utf8_string;
52+
if (target_length == 0 || target_length > utf8_string.max_size()) {
53+
return utf8_string;
54+
}
5555
utf8_string.resize(target_length);
5656
int converted_length = ::WideCharToMultiByte(
5757
CP_UTF8, WC_ERR_INVALID_CHARS, utf16_string,

packages/flutter_tools/templates/app_shared/windows.tmpl/runner/utils.cpp

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -48,10 +48,10 @@ std::string Utf8FromUtf16(const wchar_t* utf16_string) {
4848
int target_length = ::WideCharToMultiByte(
4949
CP_UTF8, WC_ERR_INVALID_CHARS, utf16_string,
5050
-1, nullptr, 0, nullptr, nullptr);
51-
if (target_length == 0) {
52-
return std::string();
53-
}
5451
std::string utf8_string;
52+
if (target_length == 0 || target_length > utf8_string.max_size()) {
53+
return utf8_string;
54+
}
5555
utf8_string.resize(target_length);
5656
int converted_length = ::WideCharToMultiByte(
5757
CP_UTF8, WC_ERR_INVALID_CHARS, utf16_string,

0 commit comments

Comments
 (0)