From: Yoann Padioleau <pad@fb.com>
To: Fans of the OS Plan 9 from Bell Labs <9fans@9fans.net>
Date: Wed, 18 Jun 2014 18:13:26 +0000
Message-ID: <229B5D7C-7229-4C18-8967-3D1FC9AFD373@fb.com>
In-Reply-To: <861c79d1a310a6b4af938597e50d0cf6@brasstown.quanstro.net>
Subject: Re: [9fans] possible buffer overflow in devcons.c?

Well, it's hard to grep for '3' in a big codebase. They should have used
UTFmax in the first place. I see, though, that currently in libc.h I have

enum
{
	UTFmax		= 4,		/* maximum bytes per rune */
	Runesync	= 0x80,		/* cannot represent part of a UTF sequence (<) */
	Runeself	= 0x80,		/* rune and UTF sequences are the same (<) */
	Runeerror	= 0xFFFD,	/* decoding error in UTF */
	Runemax		= 0x10FFFF,	/* 21-bit rune */
	Runemask	= 0x1FFFFF,	/* bits used by runes (see grep) */
};

so Runemax seems to indicate we never produce a rune using more than 3
bytes, no? So maybe buf[3] is safe?

On Jun 18, 2014, at 10:36 AM, erik quanstrom wrote:

> On Wed Jun 18 13:36:09 EDT 2014, mirtchovski@gmail.com wrote:
>> used to be 3 :)
>>
>> "UTFmax, defined as 3 in <libc.h>, is the maximum number of bytes
>> required to represent a rune."
>
> which is exactly why this should have been caught.
> this one's my fault.
>
> - erik