[PATCH] (resubmit) avoid potential 1 byte overflow
Marcus Meissner
marcus at jet.franken.de
Fri May 11 14:09:29 CDT 2007
Coverity spotted this, and I have to agree
that if the returned entry is 256 WCHARs long
this would write one \0 too many.
CID 310
Ciao, Marcus
---
dlls/shell32/shlexec.c | 2 ++
1 files changed, 2 insertions(+), 0 deletions(-)
diff --git a/dlls/shell32/shlexec.c b/dlls/shell32/shlexec.c
index 6e38dbd..5b2ee4e 100644
--- a/dlls/shell32/shlexec.c
+++ b/dlls/shell32/shlexec.c
@@ -654,6 +654,8 @@ UINT SHELL_FindExecutable(LPCWSTR lpPath
&filetypelen) == ERROR_SUCCESS)
{
filetypelen /= sizeof(WCHAR);
+ if (filetypelen == sizeof(filetype)/sizeof(WCHAR))
+ filetypelen--;
filetype[filetypelen] = '\0';
TRACE("File type: %s\n", debugstr_w(filetype));
}
--
1.4.3.4
More information about the wine-patches
mailing list