kernel32: Avoid two potential buffer overflows of cStr in create_hardware_branch.
Gerald Pfeifer
gerald at pfeifer.com
Sat Feb 11 15:06:32 CST 2017
On Tue, 11 Oct 2016, Sebastian Lackner wrote:
>> According to that man page
>>
>> Warning: applications should avoid any dependence on the size of the
>> d_name field. POSIX defines it as char d_name[], a character array of
>> unspecified size, with at most NAME_MAX characters preceding the termi-
>> nating null byte ('\0').
>>
>> so we should be fine, shouldn't we?
> NAME_MAX is only used at a few places, so not sure if it works on all
> platforms.
In my experience, if it works on a Linux distro like openSUSE and
FreeBSD, it tends to work on all platforms Wine supports. ;-)
The better argument probably is that NAME_MAX is used in ntdll/directory.c
already.
> Btw, please also note that cUnixDeviceName is also affected by potential
> buffer overflow issues.
Yes, that's on my radar, too. First I wanted to make sure we have
agreement on how to go after this first case. I'll submit an updated
patch in a minute.
Sorry for the delay with that...
Gerald
More information about the wine-devel
mailing list