mirror of
https://github.com/ggerganov/llama.cpp.git
synced 2025-01-26 03:12:23 +01:00
Fix heap corruption from wmode out-of-bound writes on windows (#6272)
* would throw error on VS2022 on GGML_FREE(wmode) * wchar_t is usually 2 bytes, but malloc wants bytes * therefore `*wmode_p++ = (wchar_t)*mode;` could write off the end of the allocation * Fixes error possibly introduced by https://github.com/ggerganov/llama.cpp/pull/6248
This commit is contained in:
parent
a0e584defd
commit
a32b77c4b2
2
ggml.c
2
ggml.c
@ -465,7 +465,7 @@ FILE * ggml_fopen(const char * fname, const char * mode) {
|
|||||||
wchar_t * wfname = ggml_mbstowcs(fname);
|
wchar_t * wfname = ggml_mbstowcs(fname);
|
||||||
if (wfname) {
|
if (wfname) {
|
||||||
// convert mode (ANSI)
|
// convert mode (ANSI)
|
||||||
wchar_t * wmode = GGML_MALLOC(strlen(mode) + 1);
|
wchar_t * wmode = GGML_MALLOC((strlen(mode) + 1) * sizeof(wchar_t));
|
||||||
wchar_t * wmode_p = wmode;
|
wchar_t * wmode_p = wmode;
|
||||||
do {
|
do {
|
||||||
*wmode_p++ = (wchar_t)*mode;
|
*wmode_p++ = (wchar_t)*mode;
|
||||||
|
Loading…
Reference in New Issue
Block a user