Paul Gofman : kernelbase: Fix string size variable overflow in GetModuleFileNameW().
Alexandre Julliard
julliard at winehq.org
Mon Oct 4 15:42:18 CDT 2021
Module: wine
Branch: master
Commit: 7c523f48677abb5d8cf7d2b2f1cff919e57c8e99
URL: https://source.winehq.org/git/wine.git/?a=commit;h=7c523f48677abb5d8cf7d2b2f1cff919e57c8e99
Author: Paul Gofman <pgofman at codeweavers.com>
Date: Mon Oct 4 12:21:10 2021 +0300
kernelbase: Fix string size variable overflow in GetModuleFileNameW().
Wine-Bug: https://bugs.winehq.org/show_bug.cgi?id=51833
Signed-off-by: Paul Gofman <pgofman at codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard at winehq.org>
---
dlls/kernel32/tests/module.c | 5 +++++
dlls/kernelbase/loader.c | 2 +-
2 files changed, 6 insertions(+), 1 deletion(-)
diff --git a/dlls/kernel32/tests/module.c b/dlls/kernel32/tests/module.c
index 2487b9d65ab..60654754302 100644
--- a/dlls/kernel32/tests/module.c
+++ b/dlls/kernel32/tests/module.c
@@ -190,6 +190,11 @@ static void testGetModuleFileName(const char* name)
ok(len1A / 2 == len2A,
"Correct length in GetModuleFilenameA with buffer too small (%d/%d)\n", len1A / 2, len2A);
+
+ len1A = GetModuleFileNameA(hMod, bufA, 0x10000);
+ ok(len1A > 0, "Getting module filename for handle %p\n", hMod);
+ len1W = GetModuleFileNameW(hMod, bufW, 0x10000);
+ ok(len1W > 0, "Getting module filename for handle %p\n", hMod);
}
static void testGetModuleFileName_Wrong(void)
diff --git a/dlls/kernelbase/loader.c b/dlls/kernelbase/loader.c
index 145d721bc26..de9ff2ba1a5 100644
--- a/dlls/kernelbase/loader.c
+++ b/dlls/kernelbase/loader.c
@@ -311,7 +311,7 @@ DWORD WINAPI DECLSPEC_HOTPATCH GetModuleFileNameW( HMODULE module, LPWSTR filena
}
name.Buffer = filename;
- name.MaximumLength = size * sizeof(WCHAR);
+ name.MaximumLength = min( size, UNICODE_STRING_MAX_CHARS ) * sizeof(WCHAR);
status = LdrGetDllFullName( module, &name );
if (!status || status == STATUS_BUFFER_TOO_SMALL) len = name.Length / sizeof(WCHAR);
SetLastError( RtlNtStatusToDosError( status ));
More information about the wine-cvs
mailing list