From 38b71192dd70336eba219994b0a4219a48e4cbe1 Mon Sep 17 00:00:00 2001
From: Martin Jackson
Date: Sun, 10 Sep 2017 00:37:48 +0200
Subject: [PATCH] windows: wc_to_utf8(): Fix a WCHAR related issue causing crashes. In wc_to_utf8() in windows.c, the zero terminator is written to an invalid array index, which results in 2 bytes being zeroed in a random place in the stack. This sometimes causes a crash when running sp_list_ports() (depending on string length and compiler optimisation settings). sizeof(wc_str) returns the size in bytes, so cannot be used directly as an index into that array, it should be divided by sizeof(WCHAR). Otherwise the zero terminator index is approximately twice what it should be. This fixes bug #1031.
---
 windows.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/windows.c b/windows.c
index 644a701..360da73 100644
--- a/windows.c
+++ b/windows.c
@@ -30,12 +30,13 @@ static void enumerate_hub(struct sp_port *port, const char *hub_name,
 static char *wc_to_utf8(PWCHAR wc_buffer, ULONG size)
 {
- WCHAR wc_str[(size / sizeof(WCHAR)) + 1];
+ ULONG wc_length = size / sizeof(WCHAR);
+ WCHAR wc_str[wc_length + 1];
 char *utf8_str;
 /* Zero-terminate the wide char string. */
 memcpy(wc_str, wc_buffer, size);
- wc_str[sizeof(wc_str) - 1] = 0;
+ wc_str[wc_length] = 0;
 /* Compute the size of the UTF-8 converted string. */
 if (!(size = WideCharToMultiByte(CP_ACP, WC_NO_BEST_FIT_CHARS, wc_str, -1,