Marcus Meissner : shell32: Fixed potential buffer overwrite in execute_from_key (Coverity).

Alexandre Julliard julliard at winehq.org
Mon Feb 2 09:01:17 CST 2009


Module: wine
Branch: master
Commit: 0aa5a836886b54196966ae0ae1738fe961362a4b
URL:    http://source.winehq.org/git/wine.git/?a=commit;h=0aa5a836886b54196966ae0ae1738fe961362a4b

Author: Marcus Meissner <marcus at jet.franken.de>
Date:   Fri Jan 30 22:01:18 2009 +0100

shell32: Fixed potential buffer overwrite in execute_from_key (Coverity).

---

 dlls/shell32/shlexec.c |    2 ++
 1 files changed, 2 insertions(+), 0 deletions(-)

diff --git a/dlls/shell32/shlexec.c b/dlls/shell32/shlexec.c
index 8a65636..1fbaabb 100644
--- a/dlls/shell32/shlexec.c
+++ b/dlls/shell32/shlexec.c
@@ -935,6 +935,8 @@ static UINT_PTR execute_from_key(LPCWSTR key, LPCWSTR lpFile, WCHAR *env, LPCWST
 
         /* Is there a replace() function anywhere? */
         cmdlen /= sizeof(WCHAR);
+	if (cmdlen >= sizeof(cmd)/sizeof(WCHAR))
+	    cmdlen = sizeof(cmd)/sizeof(WCHAR)-1;
         cmd[cmdlen] = '\0';
         SHELL_ArgifyW(param, sizeof(param)/sizeof(WCHAR), cmd, lpFile, psei->lpIDList, szCommandline, &resultLen);
         if (resultLen > sizeof(param)/sizeof(WCHAR))




More information about the wine-cvs mailing list