Fix: prevent integer overflow and underflow in terminal width check

- Updated `athr_terminal_win32.c` to separate overflow and underflow checks. - Added explicit handler for underflow with a suitable error message. The changes rectify a vulnerability where terminal width could trigger unexpected behavior by preventing underflow. This ensures robust error handling by providing specific feedback for both overflow and underflow cases. 🚀
horta · Nov 8, 2024 · 9adcc9e · 9adcc9e
1 parent 9cbc71d
commit 9adcc9e
Showing 1 changed file with 7 additions and 1 deletion.
diff --git a/athr_terminal_win32.c b/athr_terminal_win32.c
@@ -40,7 +40,13 @@ static long tput_cols(void)
         goto cleanup;
     }
 
-    if (tentative < 0 || tentative > UINT_MAX)
+    if (tentative < 0)
+    {
+        error("ncols underflow");
+        goto cleanup;
+    }
+
+    if ((unsigned long)tentative > UINT_MAX)
     {
         error("ncols overflow");
         goto cleanup;