[ros-diffs] [navaraf] 20008: Fix a buffer overflow in
OutputDebugStringA. Spotted by mbealby@gmail.com.
navaraf at svn.reactos.com
navaraf at svn.reactos.com
Fri Dec 9 18:06:05 CET 2005
Fix a buffer overflow in OutputDebugStringA. Spotted by
mbealby at gmail.com.
Modified: trunk/reactos/lib/kernel32/debug/output.c
_____
Modified: trunk/reactos/lib/kernel32/debug/output.c
--- trunk/reactos/lib/kernel32/debug/output.c 2005-12-09 14:59:10 UTC
(rev 20007)
+++ trunk/reactos/lib/kernel32/debug/output.c 2005-12-09 17:06:02 UTC
(rev 20008)
@@ -397,10 +397,10 @@
nRoundLen = nOutputStringLen;
/* copy the current block into the buffer */
- memcpy(pDBMonBuffer->Buffer, _OutputString, nOutputStringLen);
+ memcpy(pDBMonBuffer->Buffer, _OutputString, nRoundLen);
/* null-terminate the current block */
- pDBMonBuffer->Buffer[nOutputStringLen] = 0;
+ pDBMonBuffer->Buffer[nRoundLen] = 0;
/* signal that the data contains meaningful data and can be read
*/
SetEvent(hDBMonDataReady);
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.reactos.org/pipermail/ros-diffs/attachments/20051209/93d4ce64/attachment.html
More information about the Ros-diffs
mailing list