strdup16to8.c: fix benign integer underflow.

A size_t value is not allowed to go below zero.

Change-Id: Ic888c6605d911e0b5dbee1a2fe1daf41e616e106
This commit is contained in:
Nick Kralevich 2015-08-27 10:30:50 -07:00
parent 001c87c3cd
commit 2b98a9eec0
1 changed files with 6 additions and 3 deletions

View File

@ -55,7 +55,8 @@ extern size_t strnlen16to8(const char16_t* utf16Str, size_t len)
/* Fast path for the usual case where 3*len is < SIZE_MAX-1.
*/
if (len < (SIZE_MAX-1)/3) {
while (len--) {
while (len != 0) {
len--;
unsigned int uic = *utf16Str++;
if (uic > 0x07ff)
@ -69,7 +70,8 @@ extern size_t strnlen16to8(const char16_t* utf16Str, size_t len)
}
/* The slower but paranoid version */
while (len--) {
while (len != 0) {
len--;
unsigned int uic = *utf16Str++;
size_t utf8Cur = utf8Len;
@ -112,7 +114,8 @@ extern char* strncpy16to8(char* utf8Str, const char16_t* utf16Str, size_t len)
* strnlen16to8() properly or at a minimum checked the result of
* its malloc(SIZE_MAX) in case of overflow.
*/
while (len--) {
while (len != 0) {
len--;
unsigned int uic = *utf16Str++;
if (uic > 0x07ff) {