Alexander Farber : cmd:
Fixed 3 buffer overflows when fetching environment variables.
Alexandre Julliard
julliard at wine.codeweavers.com
Thu Mar 1 05:59:48 CST 2007
Module: wine
Branch: master
Commit: fdeb6d5ae56ca40d3f4f1a7c4d75d31f2e58d6d5
URL: http://source.winehq.org/git/wine.git/?a=commit;h=fdeb6d5ae56ca40d3f4f1a7c4d75d31f2e58d6d5
Author: Alexander Farber <Alexander.Farber at nokia.com>
Date: Wed Feb 28 15:23:15 2007 +0100
cmd: Fixed 3 buffer overflows when fetching environment variables.
---
programs/cmd/wcmdmain.c | 14 ++++++++------
1 files changed, 8 insertions(+), 6 deletions(-)
diff --git a/programs/cmd/wcmdmain.c b/programs/cmd/wcmdmain.c
index fdf864a..754dec7 100644
--- a/programs/cmd/wcmdmain.c
+++ b/programs/cmd/wcmdmain.c
@@ -672,6 +672,7 @@ void WCMD_run_program (char *command, int called) {
BOOL extensionsupplied = FALSE;
BOOL launched = FALSE;
BOOL status;
+ DWORD len;
WCMD_parse (command, quals, param1, param2); /* Quick way to get the filename */
@@ -681,8 +682,8 @@ void WCMD_run_program (char *command, int called) {
/* Calculate the search path and stem to search for */
if (strpbrk (param1, "/\\:") == NULL) { /* No explicit path given, search path */
strcpy(pathtosearch,".;");
- status = GetEnvironmentVariable ("PATH", &pathtosearch[2], sizeof(pathtosearch)-2);
- if ((status == 0) || (status > sizeof(pathtosearch))) {
+ len = GetEnvironmentVariable ("PATH", &pathtosearch[2], sizeof(pathtosearch)-2);
+ if ((len == 0) || (len >= sizeof(pathtosearch) - 2)) {
lstrcpy (pathtosearch, ".");
}
if (strchr(param1, '.') != NULL) extensionsupplied = TRUE;
@@ -699,8 +700,8 @@ void WCMD_run_program (char *command, int called) {
}
/* Now extract PATHEXT */
- status = GetEnvironmentVariable ("PATHEXT", pathext, sizeof(pathext));
- if ((status == 0) || (status > sizeof(pathext))) {
+ len = GetEnvironmentVariable ("PATHEXT", pathext, sizeof(pathext));
+ if ((len == 0) || (len >= sizeof(pathext))) {
lstrcpy (pathext, ".bat;.com;.cmd;.exe");
}
@@ -857,9 +858,10 @@ void WCMD_show_prompt (void) {
int status;
char out_string[MAX_PATH], curdir[MAX_PATH], prompt_string[MAX_PATH];
char *p, *q;
+DWORD len;
- status = GetEnvironmentVariable ("PROMPT", prompt_string, sizeof(prompt_string));
- if ((status == 0) || (status > sizeof(prompt_string))) {
+ len = GetEnvironmentVariable ("PROMPT", prompt_string, sizeof(prompt_string));
+ if ((len == 0) || (len >= sizeof(prompt_string))) {
lstrcpy (prompt_string, "$P$G");
}
p = prompt_string;
More information about the wine-cvs
mailing list