[ros-diffs] [cwittich] 39402: shell32: Fixed potential buffer overwrite in execute_from_key (Coverity). Marcus Meissner <marcus at jet.franken.de>
cwittich at svn.reactos.org
cwittich at svn.reactos.org
Thu Feb 5 09:55:29 CET 2009
Author: cwittich
Date: Thu Feb 5 02:55:28 2009
New Revision: 39402
URL: http://svn.reactos.org/svn/reactos?rev=39402&view=rev
Log:
shell32: Fixed potential buffer overwrite in execute_from_key (Coverity).
Marcus Meissner <marcus at jet.franken.de>
Modified:
trunk/reactos/dll/win32/shell32/shlexec.c
Modified: trunk/reactos/dll/win32/shell32/shlexec.c
URL: http://svn.reactos.org/svn/reactos/trunk/reactos/dll/win32/shell32/shlexec.c?rev=39402&r1=39401&r2=39402&view=diff
==============================================================================
--- trunk/reactos/dll/win32/shell32/shlexec.c [iso-8859-1] (original)
+++ trunk/reactos/dll/win32/shell32/shlexec.c [iso-8859-1] Thu Feb 5 02:55:28 2009
@@ -908,6 +908,8 @@
/* Is there a replace() function anywhere? */
cmdlen /= sizeof(WCHAR);
+ if (cmdlen >= sizeof(cmd)/sizeof(WCHAR))
+ cmdlen = sizeof(cmd)/sizeof(WCHAR)-1;
cmd[cmdlen] = '\0';
SHELL_ArgifyW(param, sizeof(param)/sizeof(WCHAR), cmd, lpFile, psei->lpIDList, szCommandline, &resultLen);
if (resultLen > sizeof(param)/sizeof(WCHAR))
More information about the Ros-diffs
mailing list