Fix buffer overflow

Turns out testing for an empty buffer outside the critical section wasn't a good idea (testing in a virtual 10 started the thread between the test and enter, causing buffer overflow in the small loop).
2017-12-26 18:43:56 +10:00 · 2017-12-26 18:43:56 +10:00 · 05e765c881
commit 05e765c881
parent 44e5941a08
2 changed files with 10 additions and 4 deletions
--- a/ANSI.c
+++ b/ANSI.c
@ -184,7 +184,8 @@
    combine multiple CRs as one (to ignore all CRs before LF);
    don't process CR or BS during CRM;
    don't flush CR immediately (to catch following LF);
-    fix CRM with all partial RM sequences.
+    fix CRM with all partial RM sequences;
+    check for the empty buffer within the critical section.
 */

 #include "ansicon.h"
@ -639,10 +640,14 @@ void FlushBuffer( void )
 {
  DWORD nWritten;

-  if (nCharInBuffer <= 0) return;
-
  EnterCriticalSection( &CritSect );

+  if (nCharInBuffer <= 0)
+  {
+    LeaveCriticalSection( &CritSect );
+    return;
+  }
+
  if (!awm && !im)
  {
    if (pState->crm)
--- a/readme.txt
+++ b/readme.txt
@ -336,7 +336,8 @@ Version History

    1.81-wip - 26 December, 2017:
    - fix multiple CRs before LF (including preventing an immediate flush);
-    - fix CR, BS and partial RM during CRM.
+    - fix CR, BS and partial RM during CRM;
+    - fix buffer overflow caused by incorrect critical section.

    1.80 - 24 December, 2017:
    - fix unloading;