[Bug 40742] New: cmd.exe: buffer overflow while parsing qualifiers
wine-bugs at winehq.org
wine-bugs at winehq.org
Tue Jun 7 10:59:41 CDT 2016
https://bugs.winehq.org/show_bug.cgi?id=40742
Bug ID: 40742
Summary: cmd.exe: buffer overflow while parsing qualifiers
Product: Wine
Version: 1.9.11
Hardware: x86
OS: Linux
Status: UNCONFIRMED
Severity: normal
Priority: P2
Component: cmd
Assignee: wine-bugs at winehq.org
Reporter: jbb.rose at yahoo.com
Distribution: ---
Created attachment 54646
--> https://bugs.winehq.org/attachment.cgi?id=54646
Batch file which triggers the problem
WCMD_parse() copies command qualifiers into the quals[] array. The
array is MAX_PATH (260) characters long, but the input command can be
up to MAXSTRING (8192) characters long. This can lead to buffer
overflows and crashes if a command has many qualifiers.
The attached try.bat file, taken from an actual command generated by
a cross-build system, reliably crashes wine 1.9.11 as built on SLES11SP2.
Increasing the size of quals[] to MAXSTRING characters fixes the problem.
--
Do not reply to this email, post in Bugzilla using the
above URL to reply.
You are receiving this mail because:
You are watching all bug changes.
More information about the wine-bugs
mailing list