mirror of https://github.com/pbatard/rufus.git
8a8e418751
* Whereas the length of the buffer allocated for the UTF-8 filename string is the same length as the UCS-2 (which means it can store twice as many UTF-8 bytes as there are characters in the filename), it is still possible for the converted UTF-8 string to overflow this buffer if the name contains glyphs that use 3 or 4-byte sequences. * As a result, use strncpy with the actual size of the UTF-8 filename buffer (the following bytes are calloc'd to zero so the truncated string will be NUL terminated) and produce a warning if the filename is truncated. * Vulnerability discovered and reported by Mansour Gashasbi (@gashasbi). |
||
|---|---|---|
| .. | ||
| Makefile.am | ||
| Makefile.in | ||
| iso9660.c | ||
| iso9660_fs.c | ||
| iso9660_private.h | ||
| rock.c | ||
| xa.c | ||