[ros-diffs] [cgutman] 41589: - We only need 11 chars to hold our 32-bit integer and the trailing NULL char - Make sure we don't overread our buffer
cgutman at svn.reactos.org
cgutman at svn.reactos.org
Tue Jun 23 16:47:49 CEST 2009
Author: cgutman
Date: Tue Jun 23 18:47:48 2009
New Revision: 41589
URL: http://svn.reactos.org/svn/reactos?rev=41589&view=rev
Log:
- We only need 11 chars to hold our 32-bit integer and the trailing NULL char
- Make sure we don't overread our buffer
Modified:
trunk/reactos/drivers/network/ndis/ndis/config.c
Modified: trunk/reactos/drivers/network/ndis/ndis/config.c
URL: http://svn.reactos.org/svn/reactos/trunk/reactos/drivers/network/ndis/ndis/config.c?rev=41589&r1=41588&r2=41589&view=diff
==============================================================================
--- trunk/reactos/drivers/network/ndis/ndis/config.c [iso-8859-1] (original)
+++ trunk/reactos/drivers/network/ndis/ndis/config.c [iso-8859-1] Tue Jun 23 18:47:48 2009
@@ -65,7 +65,7 @@
ULONG ParameterType;
ULONG DataSize;
PVOID Data;
- WCHAR Buff[25];
+ WCHAR Buff[11];
NDIS_DbgPrint(MAX_TRACE, ("Called.\n"));
@@ -86,6 +86,7 @@
ParameterValue->ParameterData.IntegerData,
(ParameterValue->ParameterType == NdisParameterInteger) ? 10 : 16, &Str)))
{
+ NDIS_DbgPrint(MIN_TRACE, ("RtlIntegerToUnicodeString failed (%x)\n", *Status));
*Status = NDIS_STATUS_FAILURE;
return;
}
@@ -674,7 +675,7 @@
if (ParameterValue->ParameterType == NdisParameterInteger)
{
- WCHAR Buff[25];
+ WCHAR Buff[11];
NDIS_DbgPrint(MAX_TRACE, ("Read integer data %lx\n",
ParameterValue->ParameterData.IntegerData));
@@ -702,7 +703,7 @@
str = ParameterValue->ParameterData.StringData;
}
- while (str.Buffer[j] != '\0') j++;
+ while (str.Buffer[j] != '\0' && j < str.Length) j++;
*NetworkAddressLength = (UINT)((j/2)+0.5);
More information about the Ros-diffs
mailing list