From 6e8924237351d57eccf7af6726ab1746f1404401 Mon Sep 17 00:00:00 2001 From: Javier Date: Tue, 18 Mar 2025 13:26:31 -0500 Subject: [PATCH] Multiple fixes to address DD CodeQL requirements (#18451) After taking in 1.22, our CodeQL process caught a few locations where we weren't following the right guidance: - Performing integer comparisons of different sizes which could lead to an infinite loop if the larger integer goes out of range of the smaller integer - Not checking HResult of a called method Co-authored-by: aphistra <102989060+aphistra@users.noreply.github.com> --- src/buffer/out/Row.cpp | 2 +- src/renderer/gdi/paint.cpp | 3 ++- src/terminal/adapter/SixelParser.cpp | 2 +- src/terminal/adapter/charsets.hpp | 2 +- 4 files changed, 5 insertions(+), 4 deletions(-) diff --git a/src/buffer/out/Row.cpp b/src/buffer/out/Row.cpp index 63ba83f4cd..859d3b9f58 100644 --- a/src/buffer/out/Row.cpp +++ b/src/buffer/out/Row.cpp @@ -431,7 +431,7 @@ OutputCellIterator ROW::WriteCells(OutputCellIterator it, const til::CoordType c THROW_HR_IF(E_INVALIDARG, limitRight.value_or(0) >= size()); // If we're given a right-side column limit, use it. Otherwise, the write limit is the final column index available in the char row. - const auto finalColumnInRow = limitRight.value_or(size() - 1); + const auto finalColumnInRow = gsl::narrow_cast(limitRight.value_or(size() - 1)); auto currentColor = it->TextAttr(); uint16_t colorUses = 0; diff --git a/src/renderer/gdi/paint.cpp b/src/renderer/gdi/paint.cpp index 86db0de940..20c27b1e61 100644 --- a/src/renderer/gdi/paint.cpp +++ b/src/renderer/gdi/paint.cpp @@ -574,7 +574,8 @@ try } const auto cpt = gsl::narrow_cast(points.size()); - return PolyBezier(_hdcMemoryContext, points.data(), cpt); + RETURN_HR_IF(E_FAIL, !PolyBezier(_hdcMemoryContext, points.data(), cpt)); + return S_OK; }; if (lines.test(GridLines::Left)) diff --git a/src/terminal/adapter/SixelParser.cpp b/src/terminal/adapter/SixelParser.cpp index 979dd42371..60e7fecaee 100644 --- a/src/terminal/adapter/SixelParser.cpp +++ b/src/terminal/adapter/SixelParser.cpp @@ -610,7 +610,7 @@ void SixelParser::_updateTextColors() // the text output as well. if (_conformanceLevel <= 3 && _maxColors > 2 && _colorTableChanged) [[unlikely]] { - for (IndexType tableIndex = 0; tableIndex < _maxColors; tableIndex++) + for (IndexType tableIndex = 0; _maxColors <= 16 && tableIndex < _maxColors; tableIndex++) { _dispatcher.SetColorTableEntry(tableIndex, _colorFromIndex(tableIndex)); } diff --git a/src/terminal/adapter/charsets.hpp b/src/terminal/adapter/charsets.hpp index bc81e31e72..72b441facc 100644 --- a/src/terminal/adapter/charsets.hpp +++ b/src/terminal/adapter/charsets.hpp @@ -19,7 +19,7 @@ namespace Microsoft::Console::VirtualTerminal public: constexpr CharSet(const std::initializer_list> replacements) { - for (auto i = L'\0'; i < _translationTable.size(); i++) + for (auto i = L'\0'; i < gsl::narrow_cast(_translationTable.size()); i++) _translationTable.at(i) = BaseChar + i; for (auto replacement : replacements) _translationTable.at(replacement.first - BaseChar) = replacement.second;