On Jan 16 20:09, Takashi Yano wrote: > On Wed, 14 Jan 2026 23:31:06 +0100 > Corinna Vinschen wrote: > > From: Corinna Vinschen <[email protected]> > > > > c32rtomb neglects to check the input character for being outside > > the valid UNICODE planes. It happily converts the invalid character > > into a valid (but wrong) surrogate pair and carries on. > > > > Add a check so characters beyond 0x10ffff are not converted anymore. > > Return -1 with errno set to EILSEQ instead. > > > > Fixes: 4f258c55e87f ("Cygwin: Add ISO C11 functions c16rtomb, c32rtomb, > > mbrtoc16, mbrtoc32.") > > Signed-off-by: Corinna Vinschen <[email protected]> > > --- > > winsup/cygwin/release/3.6.7 | 5 +++++ > > winsup/cygwin/strfuncs.cc | 7 +++++++ > > 2 files changed, 12 insertions(+) > > create mode 100644 winsup/cygwin/release/3.6.7 > > > > diff --git a/winsup/cygwin/release/3.6.7 b/winsup/cygwin/release/3.6.7 > > new file mode 100644 > > index 000000000000..defe55ffe75e > > --- /dev/null > > +++ b/winsup/cygwin/release/3.6.7 > > @@ -0,0 +1,5 @@ > > +Fixes: > > +------ > > + > > +- Guard c32rtomb against invalid input characters. > > + Addresses a testsuite error in current gawk git master. > > diff --git a/winsup/cygwin/strfuncs.cc b/winsup/cygwin/strfuncs.cc > > index eb6576051d90..0cf41cefc8a2 100644 > > --- a/winsup/cygwin/strfuncs.cc > > +++ b/winsup/cygwin/strfuncs.cc > > @@ -146,6 +146,13 @@ c32rtomb (char *s, char32_t wc, mbstate_t *ps) > > if (wc <= 0xffff || !s) > > return wcrtomb (s, (wchar_t) wc, ps); > > > > + /* Check for character outside valid UNICODE planes */ > > + if (wc > 0x10ffff) > > + { > > + _REENT_ERRNO(_REENT) = EILSEQ; > > + return (size_t)(-1); > > + } > > + > > wchar_t wc_arr[2]; > > const wchar_t *wcp = wc_arr; > > > > -- > > 2.52.0 > > LGTM.
THanks > What does this change address for? I mentioned it above in the release/3.6.7 entry, a testsuite error in gawk git master. It checks the input functions with invalid input and this uncovered the missing EILSEQ handling in c32rtomb. Corinna
