mirror of https://github.com/pbatard/rufus.git
8a8e418751
* Whereas the length of the buffer allocated for the UTF-8 filename string is the same length as the UCS-2 (which means it can store twice as many UTF-8 bytes as there are characters in the filename), it is still possible for the converted UTF-8 string to overflow this buffer if the name contains glyphs that use 3 or 4-byte sequences. * As a result, use strncpy with the actual size of the UTF-8 filename buffer (the following bytes are calloc'd to zero so the truncated string will be NUL terminated) and produce a warning if the filename is truncated. * Vulnerability discovered and reported by Mansour Gashasbi (@gashasbi). |
||
|---|---|---|
| .. | ||
| cdio | ||
| driver | ||
| iso9660 | ||
| mmc | ||
| udf | ||
| .editorconfig | ||
| config.h | ||