[wxWidgets/wxWidgets] cf5002: Avoid buffer read overflow in wxCharTypeBuffer ctor
0 views
Skip to first unread message
VZ
May 30, 2026, 5:04:47 PM (11 days ago) May 30
to wx-co...@googlegroups.com
Branch: refs/heads/master
Home: https://github.com/wxWidgets/wxWidgets
Commit: cf50020259ebf5f73b00138599f3ad958ae156fe
https://github.com/wxWidgets/wxWidgets/commit/cf50020259ebf5f73b00138599f3ad958ae156fe
Author: Vadim Zeitlin <va...@wxwidgets.org>
Date: 2026-05-30 (Sat, 30 May 2026)
Changed paths:
M include/wx/buffer.h
M tests/strings/strings.cpp
Log Message:
-----------
Avoid buffer read overflow in wxCharTypeBuffer ctor
Don't assume that the data is always followed by NUL.
Closes #26527.
Commit: ccff9fe0f3ef3cc812da9b56bd56b5bc3273ddec
https://github.com/wxWidgets/wxWidgets/commit/ccff9fe0f3ef3cc812da9b56bd56b5bc3273ddec
Author: Vadim Zeitlin <va...@wxwidgets.org>
Date: 2026-05-30 (Sat, 30 May 2026)
Changed paths:
M src/common/xpmdecod.cpp
M tests/image/image.cpp
Log Message:
-----------
Make recently added wxXPMDecoder test case really pass
We need to use memmove() and not strncpy() in wxXPMDecoder code as
nothing guarantees that the source and destination regions don't overlap
and they did overlap, in fact, for the test case added as part of
46f928d057 (Fix buffer overflow on invalid width in wxXPMDecoder,
2026-05-27).
Also make the test itself more explicit by hard-coding the test XPM
instead of constructing it dynamically.
See #26519.
Compare: https://github.com/wxWidgets/wxWidgets/compare/262cec29155e...ccff9fe0f3ef
To unsubscribe from these emails, change your notification settings at https://github.com/wxWidgets/wxWidgets/settings/notifications
Home: https://github.com/wxWidgets/wxWidgets
Commit: cf50020259ebf5f73b00138599f3ad958ae156fe
https://github.com/wxWidgets/wxWidgets/commit/cf50020259ebf5f73b00138599f3ad958ae156fe
Author: Vadim Zeitlin <va...@wxwidgets.org>
Date: 2026-05-30 (Sat, 30 May 2026)
Changed paths:
M include/wx/buffer.h
M tests/strings/strings.cpp
Log Message:
-----------
Avoid buffer read overflow in wxCharTypeBuffer ctor
Don't assume that the data is always followed by NUL.
Closes #26527.
Commit: ccff9fe0f3ef3cc812da9b56bd56b5bc3273ddec
https://github.com/wxWidgets/wxWidgets/commit/ccff9fe0f3ef3cc812da9b56bd56b5bc3273ddec
Author: Vadim Zeitlin <va...@wxwidgets.org>
Date: 2026-05-30 (Sat, 30 May 2026)
Changed paths:
M src/common/xpmdecod.cpp
M tests/image/image.cpp
Log Message:
-----------
Make recently added wxXPMDecoder test case really pass
We need to use memmove() and not strncpy() in wxXPMDecoder code as
nothing guarantees that the source and destination regions don't overlap
and they did overlap, in fact, for the test case added as part of
46f928d057 (Fix buffer overflow on invalid width in wxXPMDecoder,
2026-05-27).
Also make the test itself more explicit by hard-coding the test XPM
instead of constructing it dynamically.
See #26519.
Compare: https://github.com/wxWidgets/wxWidgets/compare/262cec29155e...ccff9fe0f3ef
To unsubscribe from these emails, change your notification settings at https://github.com/wxWidgets/wxWidgets/settings/notifications
Reply all
Reply to author
Forward
0 new messages