metsw24-max opened a new pull request, #670:
URL: https://github.com/apache/logging-log4cxx/pull/670
Fix undefined behavior in `MbstowcsCharsetDecoder::decode` caused by
performing pointer arithmetic on a `nullptr` after a successful `mbsrtowcs`
conversion.
Previously, the code unconditionally computed:
converted = src - cbuf;
However, mbsrtowcs sets src to nullptr after consuming a terminating null
character, making the subtraction undefined behavior.
Changes
- Added explicit handling for the `src == nullptr` case.
- Detect whether the terminating null came from the actual input or the
temporary sentinel buffer.
- Preserve normal pointer arithmetic when src is valid.
- Keep existing loop and guard behavior unchanged.
Additional Fix
This also fixes handling of embedded null bytes where the previous logic
could incorrectly skip trailing input bytes.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
