utf8: fix truncated string lengths in utf8_strnwidth()
The `utf8_strnwidth()` function accepts an optional string length as input parameter. This parameter can either be set to `-1`, in which case we call `strlen()` on the input. Or it can be set to a positive integer that indicates a precomputed length, which callers typically compute by calling `strlen()` at some point themselves. The input parameter is an `int` though, whereas `strlen()` returns a `size_t`. This can lead to implementation-defined behaviour though when the `size_t` cannot be represented by the `int`. In the general case though this leads to wrap-around and thus to negative string sizes, which is sure enough to not lead to well-defined behaviour. Fix this by accepting a `size_t` instead of an `int` as string length. While this takes away the ability of callers to simply pass in `-1` as string length, it really is trivial enough to convert them to instead pass in `strlen()` instead. Signed-off-by: Patrick Steinhardt <ps@pks.im> Signed-off-by: Junio C Hamano <gitster@pobox.com>
This commit is contained in:

committed by
Junio C Hamano

parent
48050c42c7
commit
522cc87fdc
4
pretty.c
4
pretty.c
@ -1483,7 +1483,7 @@ static size_t format_and_pad_commit(struct strbuf *sb, /* in UTF-8 */
|
||||
int occupied;
|
||||
if (!start)
|
||||
start = sb->buf;
|
||||
occupied = utf8_strnwidth(start, -1, 1);
|
||||
occupied = utf8_strnwidth(start, strlen(start), 1);
|
||||
occupied += c->pretty_ctx->graph_width;
|
||||
padding = (-padding) - occupied;
|
||||
}
|
||||
@ -1501,7 +1501,7 @@ static size_t format_and_pad_commit(struct strbuf *sb, /* in UTF-8 */
|
||||
placeholder++;
|
||||
total_consumed++;
|
||||
}
|
||||
len = utf8_strnwidth(local_sb.buf, -1, 1);
|
||||
len = utf8_strnwidth(local_sb.buf, local_sb.len, 1);
|
||||
|
||||
if (c->flush_type == flush_left_and_steal) {
|
||||
const char *ch = sb->buf + sb->len - 1;
|
||||
|
Reference in New Issue
Block a user