[ros-diffs] [weiden] 15149: prevent buffer overflow, LoadString accepts the size of the buffer in TCHARs, not in bytes! Please guys, read the documentation of the function _before_ you use it...

weiden at svn.reactos.com weiden at svn.reactos.com
Sun May 8 21:22:30 CEST 2005


prevent buffer overflow, LoadString accepts the size of the buffer in
TCHARs, not in bytes! Please guys, read the documentation of the
function _before_ you use it...
Modified: trunk/reactos/subsys/system/cmd/copy.c
Modified: trunk/reactos/subsys/system/cmd/del.c
Modified: trunk/reactos/subsys/system/cmd/for.c
Modified: trunk/reactos/subsys/system/cmd/timer.c
Modified: trunk/reactos/subsys/system/cmd/ver.c
Modified: trunk/reactos/subsys/system/taskmgr/applpage.c
Modified: trunk/reactos/subsys/system/taskmgr/trayicon.c
  _____  

Modified: trunk/reactos/subsys/system/cmd/copy.c
--- trunk/reactos/subsys/system/cmd/copy.c	2005-05-08 19:14:18 UTC
(rev 15148)
+++ trunk/reactos/subsys/system/cmd/copy.c	2005-05-08 19:22:28 UTC
(rev 15149)
@@ -299,7 +299,7 @@

 	LPTSTR p;
 	TCHAR szOptions[4];
 
-	LoadString( CMD_ModuleHandle, STRING_COPY_OPTION, szOptions, 4);
+	LoadString( CMD_ModuleHandle, STRING_COPY_OPTION, szOptions,
sizeof(szOptions) / sizeof(szOptions[0]) );
 
 	ConOutResPuts(STRING_COPY_HELP1);
 
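Review bot: The return value of `LoadString` is still ignored at this call and at every other call the commit touches, so a missing or failed resource load goes unnoticed. `szOptions` is declared without an initializer a few lines above, and `LoadString` is only documented to return 0 when the string does not exist, so the buffer should not be assumed to hold a terminated string after a failure. This matters most in the later hunks where the loaded text is then used as a format string: `ConOutPrintf (szMsg, copied)` in copy.c, `ConOutPrintf (szMsg, RosVersion)` in ver.c and `wsprintf(nid.szTip, szMsg, ...)` in trayicon.c. I would guard each call, e.g. `if (!LoadString(CMD_ModuleHandle, STRING_COPY_OPTION, szOptions, sizeof(szOptions) / sizeof(szOptions[0]))) szOptions[0] = _T('\0');`, or route them all through one helper that does this. The enclosing function starts and ends outside the hunk, so how `szOptions` is consumed is not visible here.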
@@ -760,7 +760,7 @@
 	DeleteFileList (sources);
 	freep ((VOID*)p);
 	
-	LoadString( CMD_ModuleHandle, STRING_COPY_FILE, (LPTSTR)
szMsg,sizeof(szMsg));
+	LoadString( CMD_ModuleHandle, STRING_COPY_FILE, szMsg,
RC_STRING_MAX_SIZE);
     ConOutPrintf (szMsg, copied);
 
 	return 1;
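Review bot: The new count `RC_STRING_MAX_SIZE` is correct only as long as `szMsg` is declared as `TCHAR szMsg[RC_STRING_MAX_SIZE]`, and that declaration is outside this hunk. The for.c, timer.c and ver.c hunks use the same pattern without showing the declaration (del.c does show a matching one), whereas the first copy.c hunk and the taskmgr hunks derive the count from the array itself. Using `sizeof(szMsg) / sizeof(szMsg[0])` here as well, ideally through a single element-count macro, keeps the bound tied to the buffer, so a later change to the declaration cannot reintroduce the overflow this commit fixes.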
  _____  

Modified: trunk/reactos/subsys/system/cmd/del.c
--- trunk/reactos/subsys/system/cmd/del.c	2005-05-08 19:14:18 UTC
(rev 15148)
+++ trunk/reactos/subsys/system/cmd/del.c	2005-05-08 19:22:28 UTC
(rev 15149)
@@ -71,9 +71,9 @@

 		HANDLE fh;
 		WIN32_FIND_DATA f;
 		LONGLONG FileSize;
-        TCHAR szMsg[RC_STRING_MAX_SIZE]; 
+		TCHAR szMsg[RC_STRING_MAX_SIZE];
 
-		LoadString( CMD_ModuleHandle, STRING_DELETE_WIPE,
(LPTSTR) szMsg,sizeof(szMsg));
+		LoadString( CMD_ModuleHandle, STRING_DELETE_WIPE, szMsg,
RC_STRING_MAX_SIZE);
 
 		fh = FindFirstFile(lpFileName, &f);
 		FileSize = ((LONGLONG)f.nFileSizeHigh *
((LONGLONG)MAXDWORD+1)) + (LONGLONG)f.nFileSizeLow;
  _____  

Modified: trunk/reactos/subsys/system/cmd/for.c
--- trunk/reactos/subsys/system/cmd/for.c	2005-05-08 19:14:18 UTC
(rev 15148)
+++ trunk/reactos/subsys/system/cmd/for.c	2005-05-08 19:22:28 UTC
(rev 15149)
@@ -68,7 +68,7 @@

 	/* Check that first element is % then an alpha char followed by
space */
 	if ((*param != _T('%')) || !_istalpha (*(param + 1)) ||
!_istspace (*(param + 2)))
 	{
-		LoadString( CMD_ModuleHandle, STRING_FOR_ERROR, (LPTSTR)
szMsg,sizeof(szMsg));
+		LoadString( CMD_ModuleHandle, STRING_FOR_ERROR, szMsg,
RC_STRING_MAX_SIZE);
 		error_syntax (szMsg);
 		return 1;
 	}
  _____  

Modified: trunk/reactos/subsys/system/cmd/timer.c
--- trunk/reactos/subsys/system/cmd/timer.c	2005-05-08 19:14:18 UTC
(rev 15148)
+++ trunk/reactos/subsys/system/cmd/timer.c	2005-05-08 19:22:28 UTC
(rev 15149)
@@ -107,7 +107,7 @@

 		return 0;
 	}
 
-    LoadString( CMD_ModuleHandle, STRING_TIMER_TIME, (LPTSTR)
szMsg,sizeof(szMsg));
+	LoadString( CMD_ModuleHandle, STRING_TIMER_TIME, szMsg,
RC_STRING_MAX_SIZE);
 
 	p = split (param, &argc, FALSE);
 
  _____  

Modified: trunk/reactos/subsys/system/cmd/ver.c
--- trunk/reactos/subsys/system/cmd/ver.c	2005-05-08 19:14:18 UTC
(rev 15148)
+++ trunk/reactos/subsys/system/cmd/ver.c	2005-05-08 19:22:28 UTC
(rev 15149)
@@ -46,8 +46,8 @@

 	                        (RosVersion - VersionInfo.szCSDVersion);
 		if (7 <= RosVersionLen && 0 == _tcsnicmp(RosVersion,
_T("ReactOS"), 7))
 		{
-			LoadString( CMD_ModuleHandle,
STRING_VERSION_RUNVER, (LPTSTR) szMsg,sizeof(szMsg));
-            ConOutPrintf (szMsg, RosVersion);
+			LoadString( CMD_ModuleHandle,
STRING_VERSION_RUNVER, (LPTSTR) szMsg, RC_STRING_MAX_SIZE);
+			ConOutPrintf (szMsg, RosVersion);
 		}
 	}
 	ConOutPuts (_T("\n"));
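Review bot: The `(LPTSTR)` cast on `szMsg` is kept in this call, and in the `IDS_Running` call in applpage.c, although the other hunks drop it. The cast is unnecessary for a `TCHAR` array, and it would silence the compiler if `szMsg` were ever declared with a different character type, which is the kind of mismatch that leads to a wrong buffer length. I would write `LoadString( CMD_ModuleHandle, STRING_VERSION_RUNVER, szMsg, RC_STRING_MAX_SIZE);` to match the rest of the commit. The declaration of `szMsg` is outside this hunk.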
  _____  

Modified: trunk/reactos/subsys/system/taskmgr/applpage.c
--- trunk/reactos/subsys/system/taskmgr/applpage.c	2005-05-08
19:14:18 UTC (rev 15148)
+++ trunk/reactos/subsys/system/taskmgr/applpage.c	2005-05-08
19:22:28 UTC (rev 15149)
@@ -489,7 +489,7 @@

     LPNM_LISTVIEW   pnmv;
     LV_DISPINFO*    pnmdi;
     LPAPPLICATION_PAGE_LIST_ITEM pAPLI;
-	TCHAR szMsg[256];
+    TCHAR szMsg[256];
 
 
     idctrl = (int) wParam;
@@ -516,15 +516,15 @@
             else if (pnmdi->item.iSubItem == 1)
             {
                 if (pAPLI->bHung)
-				{
-					LoadString(
GetModuleHandle(NULL), IDS_Not_Responding , (LPTSTR)
szMsg,sizeof(szMsg));
+                {
+                    LoadString( GetModuleHandle(NULL),
IDS_Not_Responding , szMsg, sizeof(szMsg) / sizeof(szMsg[0]));
                     _tcsncpy(pnmdi->item.pszText, szMsg,
pnmdi->item.cchTextMax);
-				}
+                }
                 else
-				{
-                    LoadString( GetModuleHandle(NULL), IDS_Running,
(LPTSTR) szMsg,sizeof(szMsg));
+                {
+                    LoadString( GetModuleHandle(NULL), IDS_Running,
(LPTSTR) szMsg, sizeof(szMsg) / sizeof(szMsg[0]));
                     _tcsncpy(pnmdi->item.pszText, szMsg,
pnmdi->item.cchTextMax);
-				}
+                }
             }
 
             break;
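Review bot: Both `_tcsncpy(pnmdi->item.pszText, szMsg, pnmdi->item.cchTextMax)` calls can leave `pszText` without a terminator, because `_tcsncpy` does not write one when the source is at least `cchTextMax` characters long. The commit bounds the load into `szMsg` correctly, but the copy out of it is a second place where a length assumption goes unverified. Whether `cchTextMax` can be smaller than the localized string depends on the caller, which is not visible here. Adding `if (pnmdi->item.cchTextMax > 0) pnmdi->item.pszText[pnmdi->item.cchTextMax - 1] = _T('\0');` after each copy closes the gap. The enclosing function starts and ends outside the hunk.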
  _____  

Modified: trunk/reactos/subsys/system/taskmgr/trayicon.c
--- trunk/reactos/subsys/system/taskmgr/trayicon.c	2005-05-08
19:14:18 UTC (rev 15148)
+++ trunk/reactos/subsys/system/taskmgr/trayicon.c	2005-05-08
19:22:28 UTC (rev 15149)
@@ -149,7 +149,7 @@

     nid.hIcon = hIcon;
 
 	      
-	LoadString( GetModuleHandle(NULL), IDS_MSG_TRAYICONCPUUSAGE,
(LPTSTR) szMsg,sizeof(szMsg));
+    LoadString( GetModuleHandle(NULL), IDS_MSG_TRAYICONCPUUSAGE, szMsg,
sizeof(szMsg) / sizeof(szMsg[0]));
     wsprintf(nid.szTip, szMsg, PerfDataGetProcessorUsage());
 
     bRetVal = Shell_NotifyIcon(NIM_ADD, &nid);
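Review bot: `wsprintf(nid.szTip, szMsg, PerfDataGetProcessorUsage())` on the line after the corrected call takes no destination size, so the write into the fixed-size `nid.szTip` is limited only by the length of the localized format string. A bounded call such as `_sntprintf(nid.szTip, sizeof(nid.szTip) / sizeof(nid.szTip[0]), szMsg, PerfDataGetProcessorUsage());` followed by `nid.szTip[sizeof(nid.szTip) / sizeof(nid.szTip[0]) - 1] = _T('\0');` would keep a long translation from overrunning the tooltip buffer. The declarations of `szMsg` and `nid` are outside this hunk, so their sizes cannot be compared from here.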