Zsh Mailing List Archive Messages sorted by: Reverse Date, Date, Thread, Author

PATCH 1/3: Fix buffer overflow and wrong behavior in url_encode

X-seq: zsh-workers 54490
From: Mikael Magnusson <mikachu@xxxxxxxxx>
To: zsh-workers@xxxxxxx
Subject: PATCH 1/3: Fix buffer overflow and wrong behavior in url_encode
Date: Thu, 7 May 2026 05:59:25 +0200
Archived-at: <https://zsh.org/workers/54490>
List-id: <zsh-workers.zsh.org>

For non-ascii bytes, we passed negative values around,
resulting in:
write(10, "/code/zsh/%FFFFFFC3%FFFFFFA5", 54) = 54
With the change, we get the more reasonable:
write(10, "/code/zsh/%C3%A5", 42) = 42
---

If anyone has strong opinions on where exactly this cast should happen,
feel free to let me know.

 Src/Zle/termquery.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Src/Zle/termquery.c b/Src/Zle/termquery.c
index aefc495f31..f5d5302297 100644
--- a/Src/Zle/termquery.c
+++ b/Src/Zle/termquery.c
@@ -619,7 +619,7 @@ static char*
 url_encode(const char* path, size_t *ulen)
 {
     char *url = zhalloc(strlen(path) * 3 + 1); /* worst case length triples */
-    const char *in = path;
+    const unsigned char *in = (const unsigned char*)path;
     char *out = url;
 
     for (; *in; in++) {
-- 
2.38.1

Follow-Ups:
- Re: PATCH 1/3: Fix buffer overflow and wrong behavior in url_encode
  - From: Philippe Altherr

Messages sorted by: Reverse Date, Date, Thread, Author