MR17v1 - programs/cmd: test that read is successful before using its result
Alexandre Julliard (@julliard)
wine at gitlab.winehq.org
Mon May 2 04:45:33 CDT 2022
Alexandre Julliard (@julliard) commented about programs/cmd/builtins.c:
> (lstrcmpW(fd.cFileName, L"..") != 0) && (lstrcmpW(fd.cFileName, L".") != 0))
> {
> /* Allocate memory, add to list */
> - DIRECTORY_STACK *toWalk = heap_xalloc(sizeof(DIRECTORY_STACK));
> + DIRECTORY_STACK *toWalk;
> + if (wcslen(dirsToWalk->dirName) + 1 + wcslen(fd.cFileName) >= MAX_PATH)
> + {
> + WINE_TRACE("Skipping too long path %ls\\%ls\n", dirsToWalk->dirName, fd.cFileName);
You'd want to use debugstr_w() to avoid debug buffer overflows.
--
https://gitlab.winehq.org/wine/wine/-/merge_requests/17#note_522
More information about the wine-devel
mailing list