From c7064c18b9fecfb02c605e32448a81d8d8dbe173 Mon Sep 17 00:00:00 2001
From: deepend-tildeclub <deepend@tilde.club>
Date: Wed, 20 May 2026 14:51:06 -0600
Subject: [PATCH 1/4] Clamp spell-provider length casts on Win32

---
 src/libenchant_win8/win8_provider.cpp | 15 +++++++++++----
 1 file changed, 11 insertions(+), 4 deletions(-)

diff --git a/src/libenchant_win8/win8_provider.cpp b/src/libenchant_win8/win8_provider.cpp
index 1a95edc4..9d017a9c 100644
--- a/src/libenchant_win8/win8_provider.cpp
+++ b/src/libenchant_win8/win8_provider.cpp
@@ -26,12 +26,19 @@
 #include <windows.h>
 
 #include <cstdlib>
+#include <climits>
 
 #include "typedef.h" // for ssize_t
 #include <enchant-provider.h>
 
 ENCHANT_PLUGIN_DECLARE ("win8")
 
+static int
+size_to_int (size_t value)
+{
+	return value > static_cast<size_t>(INT_MAX) ? INT_MAX : static_cast<int>(value);
+}
+
 static char *
 utf16_to_utf8 (const wchar_t * const str, bool from_bcp47)
 {
@@ -136,7 +143,7 @@ static void
 win8_dict_add_to_personal (EnchantDict *dict, const char *const word, size_t len)
 {
 	auto checker = static_cast<ISpellChecker*>(dict->user_data);
-	wchar_t *wword = utf8_to_utf16 (word, static_cast<int>(len), false);
+	wchar_t *wword = utf8_to_utf16 (word, size_to_int (len), false);
 
 	checker->Add (wword);
 	std::free (wword);
@@ -146,7 +153,7 @@ static void
 win8_dict_add_to_session (EnchantDict *dict, const char *const word, size_t len)
 {
 	auto checker = static_cast<ISpellChecker*>(dict->user_data);
-	wchar_t *wword = utf8_to_utf16 (word, static_cast<int>(len), false);
+	wchar_t *wword = utf8_to_utf16 (word, size_to_int (len), false);
 
 	checker->Ignore (wword);
 	std::free (wword);
@@ -156,7 +163,7 @@ static int
 win8_dict_check (EnchantDict *dict, const char *const word, size_t len)
 {
 	auto checker = static_cast<ISpellChecker*>(dict->user_data);
-	wchar_t *wword = utf8_to_utf16 (word, static_cast<int>(len), false);
+	wchar_t *wword = utf8_to_utf16 (word, size_to_int (len), false);
 	IEnumSpellingError *errors;
 	ISpellingError *error = nullptr;
 	HRESULT hr;
@@ -184,7 +191,7 @@ static char **
 win8_dict_suggest (EnchantDict *dict, const char *const word, size_t len, size_t *out_n_suggs)
 {
 	auto checker = static_cast<ISpellChecker*>(dict->user_data);
-	wchar_t *wword = utf8_to_utf16 (word, static_cast<int>(len), false);
+	wchar_t *wword = utf8_to_utf16 (word, size_to_int (len), false);
 	IEnumString *suggestions;
 	HRESULT hr;
 

From 9a0c07a461174cdf658b447f1efc6ed4ba12b376 Mon Sep 17 00:00:00 2001
From: deepend-tildeclub <deepend@tilde.club>
Date: Wed, 20 May 2026 15:22:06 -0600
Subject: [PATCH 2/4] Clean up Win32 size/length casts

---
 src/fe-gtk/chanlist.c | 2 +-
 src/fe-gtk/gtkutil.c  | 2 +-
 src/fe-gtk/menu.c     | 4 ++--
 src/fe-gtk/setup.c    | 2 +-
 4 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/src/fe-gtk/chanlist.c b/src/fe-gtk/chanlist.c
index 43685fab..e652c669 100644
--- a/src/fe-gtk/chanlist.c
+++ b/src/fe-gtk/chanlist.c
@@ -452,7 +452,7 @@ void
 fe_add_chan_list (server *serv, char *chan, char *users, char *topic)
 {
 	chanlistrow *next_row;
-	int len = strlen (chan) + 1;
+	size_t len = strlen (chan) + 1;
 
 	/* we allocate the struct and channel string in one go */
 	next_row = g_malloc (sizeof (chanlistrow) + len);
diff --git a/src/fe-gtk/gtkutil.c b/src/fe-gtk/gtkutil.c
index 7853466d..e4cf1790 100644
--- a/src/fe-gtk/gtkutil.c
+++ b/src/fe-gtk/gtkutil.c
@@ -976,7 +976,7 @@ gtkutil_copy_to_clipboard (GtkWidget *widget, GdkAtom selection,
 	win = gtk_widget_get_toplevel (GTK_WIDGET (widget));
 	if (gtk_widget_is_toplevel (win))
 	{
-		int len = strlen (str);
+		gint len = (gint) strlen (str);
 
 		if (selection)
 		{
diff --git a/src/fe-gtk/menu.c b/src/fe-gtk/menu.c
index 90fa4847..6f7e2f09 100644
--- a/src/fe-gtk/menu.c
+++ b/src/fe-gtk/menu.c
@@ -2309,7 +2309,7 @@ menu_reorder (GtkMenu *menu, GtkWidget *item, int pos)
 	if (pos < 0)	/* position offset from end/bottom */
 	{
 		GList *children = gtk_container_get_children (GTK_CONTAINER (menu));
-		int length = g_list_length (children);
+		gint length = (gint) g_list_length (children);
 
 		g_list_free (children);
 		gtk_menu_reorder_child (menu, item, (length + pos) - 1);
@@ -2381,7 +2381,7 @@ menu_add_sub (GtkWidget *menu, menu_entry *me)
 		if (pos < 0)	/* position offset from end/bottom */
 		{
 			GList *children = gtk_container_get_children (GTK_CONTAINER (menu));
-			int length = g_list_length (children);
+			gint length = (gint) g_list_length (children);
 
 			g_list_free (children);
 			pos = length + pos;
diff --git a/src/fe-gtk/setup.c b/src/fe-gtk/setup.c
index 7ae99106..47c23e76 100644
--- a/src/fe-gtk/setup.c
+++ b/src/fe-gtk/setup.c
@@ -2180,7 +2180,7 @@ unslash (char *dir)
 {
         if (dir[0])
         {
-                int len = strlen (dir) - 1;
+                size_t len = strlen (dir) - 1;
 #ifdef WIN32
                 if (dir[len] == '/' || dir[len] == '\\')
 #else

From cec7e2caf3edb69848c30990336f673bda5a79a9 Mon Sep 17 00:00:00 2001
From: deepend-tildeclub <deepend@tilde.club>
Date: Wed, 20 May 2026 15:34:19 -0600
Subject: [PATCH 3/4] Use size_t for strlen length temporaries

---
 src/common/outbound.c  | 2 +-
 src/common/proto-irc.c | 2 +-
 src/common/url.c       | 2 +-
 src/common/util.c      | 2 +-
 src/fe-gtk/setup.c     | 2 +-
 src/fe-text/fe-text.c  | 3 ++-
 6 files changed, 7 insertions(+), 6 deletions(-)

diff --git a/src/common/outbound.c b/src/common/outbound.c
index 9fab4a75..7211f000 100644
--- a/src/common/outbound.c
+++ b/src/common/outbound.c
@@ -4397,7 +4397,7 @@ void
 check_special_chars (char *cmd, int do_ascii) /* check for %X */
 {
 	int occur = 0;
-	int len = strlen (cmd);
+	size_t len = strlen (cmd);
 	char *buf, *utf;
 	char tbuf[4];
 	int i = 0, j = 0;
diff --git a/src/common/proto-irc.c b/src/common/proto-irc.c
index 7a163f73..12fcb579 100644
--- a/src/common/proto-irc.c
+++ b/src/common/proto-irc.c
@@ -1017,7 +1017,7 @@ process_named_msg (session *sess, char *type, char *word[], char *word_eol[],
 	char *account;
 	char ip[128], nick[NICKLEN];
 	char *text, *ex;
-	int len = strlen (type);
+	size_t len = strlen (type);
 
 	/* fill in the "ip" and "nick" buffers */
 	ex = strchr (word[1], '!');
diff --git a/src/common/url.c b/src/common/url.c
index e49138dd..4966db30 100644
--- a/src/common/url.c
+++ b/src/common/url.c
@@ -321,7 +321,7 @@ url_check_line (char *buf)
 	for (i = 0; i < ARRAY_SIZE (commands); i++)
 	{
 		char *cmd = commands[i];
-		int len = strlen (cmd);
+		size_t len = strlen (cmd);
 
 		if (strncmp (cmd, po, len) == 0)
 		{
diff --git a/src/common/util.c b/src/common/util.c
index f8a5f5bf..77f286a6 100644
--- a/src/common/util.c
+++ b/src/common/util.c
@@ -98,7 +98,7 @@ path_part (char *file, char *path, int pathlen)
 char *				/* like strstr(), but nocase */
 nocasestrstr (const char *s, const char *wanted)
 {
-	register const int len = strlen (wanted);
+	register const size_t len = strlen (wanted);
 
 	if (len == 0)
 		return (char *)s;
diff --git a/src/fe-gtk/setup.c b/src/fe-gtk/setup.c
index 47c23e76..cff68ad8 100644
--- a/src/fe-gtk/setup.c
+++ b/src/fe-gtk/setup.c
@@ -1364,7 +1364,7 @@ setup_entry_cb (GtkEntry *entry, setting *set)
         int size;
         int pos;
         unsigned char *p = (unsigned char*)gtk_entry_get_text (entry);
-        int len = strlen (p);
+        size_t len = strlen ((const char *) p);
 
         /* need to truncate? */
         if (len >= set->extra)
diff --git a/src/fe-text/fe-text.c b/src/fe-text/fe-text.c
index 9e68a333..7a03446b 100644
--- a/src/fe-text/fe-text.c
+++ b/src/fe-text/fe-text.c
@@ -313,7 +313,8 @@ fe_print_text (struct session *sess, char *text, time_t stamp,
 			   gboolean no_activity)
 {
 	int dotime = FALSE;
-	int comma, k, i = 0, j = 0, len = strlen (text);
+	int comma, k, i = 0, j = 0;
+	size_t len = strlen (text);
 
 	unsigned char *newtext = g_malloc (len + 1024);
 

From c49b757be64de6b0b1c46bd575a96503f9b68a4b Mon Sep 17 00:00:00 2001
From: deepend-tildeclub <deepend@tilde.club>
Date: Wed, 20 May 2026 15:51:07 -0600
Subject: [PATCH 4/4] Clamp Win32 sysinfo UTF length casts

---
 src/common/sysinfo/win32/backend.c | 19 +++++++++++++++++--
 1 file changed, 17 insertions(+), 2 deletions(-)

diff --git a/src/common/sysinfo/win32/backend.c b/src/common/sysinfo/win32/backend.c
index 37f003d2..b69532bb 100644
--- a/src/common/sysinfo/win32/backend.c
+++ b/src/common/sysinfo/win32/backend.c
@@ -22,6 +22,7 @@
 
 #include <ctype.h>
 #include <inttypes.h>
+#include <limits.h>
 #include <stdarg.h>
 #include <stdbool.h>
 #include <stdint.h>
@@ -74,6 +75,18 @@ typedef struct
 static bool string_builder_init (StringBuilder *builder);
 static void string_builder_free (StringBuilder *builder);
 static bool string_builder_append (StringBuilder *builder, const char *text);
+static int size_to_int (size_t value);
+
+static int
+size_to_int (size_t value)
+{
+	if (value > (size_t) INT_MAX)
+	{
+		return INT_MAX;
+	}
+
+	return (int) value;
+}
 
 char *
 sysinfo_get_cpu (void)
@@ -511,6 +524,7 @@ static char *read_hdd_info (IWbemClassObject *object)
 static char *bstr_to_utf8 (BSTR bstr)
 {
 	int utf8_len;
+	int wide_len;
 	char *utf8;
 
 	if (bstr == NULL)
@@ -518,7 +532,8 @@ static char *bstr_to_utf8 (BSTR bstr)
 		return NULL;
 	}
 
-	utf8_len = WideCharToMultiByte (CP_UTF8, 0, bstr, SysStringLen (bstr), NULL, 0, NULL, NULL);
+	wide_len = size_to_int ((size_t) SysStringLen (bstr));
+	utf8_len = WideCharToMultiByte (CP_UTF8, 0, bstr, wide_len, NULL, 0, NULL, NULL);
 	if (utf8_len <= 0)
 	{
 		return NULL;
@@ -530,7 +545,7 @@ static char *bstr_to_utf8 (BSTR bstr)
 		return NULL;
 	}
 
-	if (WideCharToMultiByte (CP_UTF8, 0, bstr, SysStringLen (bstr), utf8, utf8_len, NULL, NULL) <= 0)
+	if (WideCharToMultiByte (CP_UTF8, 0, bstr, wide_len, utf8, utf8_len, NULL, NULL) <= 0)
 	{
 		free (utf8);
 		return NULL;