buffer check in comdlg
Aric Stewart
aric at codeweavers.com
Thu Apr 6 15:04:03 CDT 2006
-------------- next part --------------
When selecting multiple files make sure we do not overrun our buffer.
dlls/commdlg/filedlg.c | 15 +++++++++++++--
1 files changed, 13 insertions(+), 2 deletions(-)
bc8287b159f866143312531bb773b26cf7eb6a2c
diff --git a/dlls/commdlg/filedlg.c b/dlls/commdlg/filedlg.c
index b20193d..cab34b8 100644
--- a/dlls/commdlg/filedlg.c
+++ b/dlls/commdlg/filedlg.c
@@ -1721,8 +1721,19 @@ BOOL FILEDLG95_OnOpenMultipleFiles(HWND
if(fodInfos->unicode)
{
LPOPENFILENAMEW ofn = fodInfos->ofnInfos;
- strcpyW( ofn->lpstrFile, lpstrPathSpec);
- memcpy( ofn->lpstrFile + nSizePath, lpstrFileList, sizeUsed*sizeof(WCHAR) );
+ if (nSizePath+sizeUsed > ofn->nMaxFile)
+ {
+ *((WORD*)ofn->lpstrFile)=nSizePath+sizeUsed;
+ FILEDLG95_Clean(hwnd);
+ EndDialog(hwnd,FALSE);
+ COMDLG32_SetCommDlgExtendedError(FNERR_BUFFERTOOSMALL);
+ return FALSE;
+ }
+ else
+ {
+ strcpyW( ofn->lpstrFile, lpstrPathSpec);
+ memcpy( ofn->lpstrFile + nSizePath, lpstrFileList, sizeUsed*sizeof(WCHAR) );
+ }
}
else
{
--
1.2.4
More information about the wine-patches
mailing list