Juan Lang : shell32: Dynamically allocate buffer for quoted command.
Alexandre Julliard
julliard at winehq.org
Mon Nov 19 08:19:36 CST 2007
Module: wine
Branch: master
Commit: b829f034f57ef757c5ddedb62d516eae49f05ac7
URL: http://source.winehq.org/git/wine.git/?a=commit;h=b829f034f57ef757c5ddedb62d516eae49f05ac7
Author: Juan Lang <juan.lang at gmail.com>
Date: Fri Nov 16 12:40:25 2007 -0800
shell32: Dynamically allocate buffer for quoted command.
---
dlls/shell32/shlexec.c | 13 ++++++++++++-
1 files changed, 12 insertions(+), 1 deletions(-)
diff --git a/dlls/shell32/shlexec.c b/dlls/shell32/shlexec.c
index 5b1a625..2036a09 100644
--- a/dlls/shell32/shlexec.c
+++ b/dlls/shell32/shlexec.c
@@ -1371,7 +1371,17 @@ static UINT_PTR SHELL_quote_and_execute( LPCWSTR wcmd, LPCWSTR wszParameters, LP
static const WCHAR wQuote[] = {'"',0};
static const WCHAR wSpace[] = {' ',0};
UINT_PTR retval;
- WCHAR wszQuotedCmd[MAX_PATH+2];
+ DWORD len;
+ WCHAR *wszQuotedCmd;
+
+ /* Length of quotes plus length of command plus NULL terminator */
+ len = 2 + lstrlenW(wcmd) + 1;
+ if (wszParameters[0])
+ {
+ /* Length of space plus length of parameters */
+ len += 1 + lstrlenW(wszParameters);
+ }
+ wszQuotedCmd = HeapAlloc(GetProcessHeap(), 0, len * sizeof(WCHAR));
/* Must quote to handle case where cmd contains spaces,
* else security hole if malicious user creates executable file "C:\\Program"
*/
@@ -1387,6 +1397,7 @@ static UINT_PTR SHELL_quote_and_execute( LPCWSTR wcmd, LPCWSTR wszParameters, LP
retval = execute_from_key(lpstrProtocol, wszApplicationName, env, psei->lpParameters, wcmd, execfunc, psei, psei_out);
else
retval = execfunc(wszQuotedCmd, env, FALSE, psei, psei_out);
+ HeapFree(GetProcessHeap(), 0, wszQuotedCmd);
return retval;
}
More information about the wine-cvs
mailing list