commit f0c0c9d89be6761e8c057f4fb64f7af532a7ed86
author Tomasz Gucio <72562119+tgucio@users.noreply.github.com> Fri Aug 05 01:17:42 2022 +0200
committer GitHub <noreply@github.com> Thu Aug 04 16:17:42 2022 -0700
tree 8a545d3efaf2e3038ce1a830a1a835f1261c0563
parent 01464063c6b63aa44a8e3d732fbfb49969e2b652

[camera_windows] Check string size before Win32 MultiByte <-> WideChar conversions (#6170)

This PR adds a check for string max length in Utf8FromUtf16 and Utf16FromUtf8, similar to flutter/flutter#99729 / flutter/flutter#94608.

packages/camera/camera_windows/CHANGELOG.md

diff --git a/packages/camera/camera_windows/CHANGELOG.md b/packages/camera/camera_windows/CHANGELOG.md
index ef0fad4..16ce26a 100644
--- a/packages/camera/camera_windows/CHANGELOG.md
+++ b/packages/camera/camera_windows/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 0.2.1
+
+* Adds a check for string size before Win32 MultiByte <-> WideChar conversions
+
 ## 0.2.0
 
 **BREAKING CHANGES**:

packages/camera/camera_windows/pubspec.yaml

diff --git a/packages/camera/camera_windows/pubspec.yaml b/packages/camera/camera_windows/pubspec.yaml
index 9cf1793..540a445 100644
--- a/packages/camera/camera_windows/pubspec.yaml
+++ b/packages/camera/camera_windows/pubspec.yaml
@@ -2,7 +2,7 @@
 description: A Flutter plugin for getting information about and controlling the camera on Windows.
 repository: https://github.com/flutter/plugins/tree/main/packages/camera/camera_windows
 issue_tracker: https://github.com/flutter/flutter/issues?q=is%3Aissue+is%3Aopen+label%3A%22p%3A+camera%22
-version: 0.2.0
+version: 0.2.1
 
 environment:
   sdk: ">=2.12.0 <3.0.0"

packages/camera/camera_windows/windows/string_utils.cpp

diff --git a/packages/camera/camera_windows/windows/string_utils.cpp b/packages/camera/camera_windows/windows/string_utils.cpp
index 2e60e1b..34b1336 100644
--- a/packages/camera/camera_windows/windows/string_utils.cpp
+++ b/packages/camera/camera_windows/windows/string_utils.cpp
@@ -19,10 +19,10 @@
   int target_length = ::WideCharToMultiByte(
       CP_UTF8, WC_ERR_INVALID_CHARS, utf16_string.data(),
       static_cast<int>(utf16_string.length()), nullptr, 0, nullptr, nullptr);
-  if (target_length == 0) {
-    return std::string();
-  }
   std::string utf8_string;
+  if (target_length == 0 || target_length > utf8_string.max_size()) {
+    return utf8_string;
+  }
   utf8_string.resize(target_length);
   int converted_length = ::WideCharToMultiByte(
       CP_UTF8, WC_ERR_INVALID_CHARS, utf16_string.data(),
@@ -42,10 +42,10 @@
   int target_length =
       ::MultiByteToWideChar(CP_UTF8, MB_ERR_INVALID_CHARS, utf8_string.data(),
                             static_cast<int>(utf8_string.length()), nullptr, 0);
-  if (target_length == 0) {
-    return std::wstring();
-  }
   std::wstring utf16_string;
+  if (target_length == 0 || target_length > utf16_string.max_size()) {
+    return utf16_string;
+  }
   utf16_string.resize(target_length);
   int converted_length =
       ::MultiByteToWideChar(CP_UTF8, MB_ERR_INVALID_CHARS, utf8_string.data(),