Security bug in ShellExecuteEx()
Michael Stefaniuc
mstefani at redhat.de
Fri Apr 9 07:33:30 CDT 2004
Hello,
On Fri, Apr 09, 2004 at 02:14:10AM +0200, Francois Gouget wrote:
> Index: dlls/shell32/shlexec.c
> ===================================================================
> RCS file: /var/cvs/wine/dlls/shell32/shlexec.c,v
> retrieving revision 1.40
> diff -u -r1.40 shlexec.c
> --- a/dlls/shell32/shlexec.c 7 Apr 2004 03:49:51 -0000 1.40
> +++ b/dlls/shell32/shlexec.c 8 Apr 2004 23:12:53 -0000
> @@ -1114,10 +1126,6 @@
> strcatW(wszApplicationName, wszCommandline);
> }
>
> - retval = execfunc(wszApplicationName, NULL, FALSE, &sei_tmp, sei);
> - if (retval > 32)
> - return TRUE;
> -
> /* Else, try to find the executable */
^^^^^ You may want to remove this because it refers to the
just removed if.
> wcmd[0] = '\0';
> retval = SHELL_FindExecutable(sei_tmp.lpDirectory, lpFile, sei_tmp.lpVerb, wcmd, 1024, lpstrProtocol, &env, sei_tmp.lpIDList, sei_tmp.lpParameters);
bye
michael
--
Michael Stefaniuc Tel.: +49-711-96437-199
System Administration Fax.: +49-711-96437-111
Red Hat GmbH Email: mstefani at redhat.com
Hauptstaetterstr. 58 http://www.redhat.de/
D-70178 Stuttgart
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://www.winehq.org/pipermail/wine-devel/attachments/20040409/a65b04e6/attachment.pgp
More information about the wine-devel
mailing list