fix buffer overflow in datetime

Vitaliy Margolen wine-patch at kievinfo.com
Wed Apr 2 10:50:37 CST 2003 

This one was causing wrong text in datetime edit box.

Vitaliy Margolen

changelog:
  fix buffer overflow in datetime


Index: dlls/comctl32/datetime.c
===================================================================
RCS file: /home/wine/wine/dlls/comctl32/datetime.c,v
retrieving revision 1.35
diff -u -r1.35 datetime.c
--- dlls/comctl32/datetime.c    8 Jan 2003 21:09:28 -0000       1.35
+++ dlls/comctl32/datetime.c    2 Apr 2003 16:45:38 -0000
@@ -356,7 +356,7 @@
 
 
 static void
-DATETIME_ReturnTxt (DATETIME_INFO *infoPtr, int count, char *result)
+DATETIME_ReturnTxt (DATETIME_INFO *infoPtr, int count, char *result, int resultSize)
 {
  SYSTEMTIME date = infoPtr->date;
  int spec;
@@ -375,6 +375,8 @@
  if (spec & DT_STRING) {
        int txtlen=infoPtr->buflen[count];
 
+        if (txtlen > resultSize)
+            txtlen = resultSize - 1;
        strncpy (result, infoPtr->textbuf + (spec &~ DT_STRING), txtlen);
        result[txtlen]=0;
        TRACE ("arg%d=%x->[%s]\n",count,infoPtr->fieldspec[count],result);
@@ -399,8 +401,7 @@
                break;
        case FULLDAY:
                GetLocaleInfoA( LOCALE_USER_DEFAULT,LOCALE_SDAYNAME1+ (date.wDayOfWeek+6)%7,
-                               buffer,sizeof(buffer));
-               strcpy  (result,buffer);
+                               result, resultSize);
                break;
        case ONEDIGIT12HOUR:
                if (date.wHour>12)
@@ -440,12 +441,12 @@
                break;
        case THREECHARMONTH:
                GetLocaleInfoA( GetSystemDefaultLCID(),LOCALE_SMONTHNAME1+date.wMonth -1,
-                 buffer,sizeof(buffer));
+                               buffer,sizeof(buffer));
                sprintf (result,"%.3s",buffer);
                break;
        case FULLMONTH:
                GetLocaleInfoA( GetSystemDefaultLCID(),LOCALE_SMONTHNAME1+date.wMonth -1,
-                 result,sizeof(result));
+                               result, resultSize);
                break;
        case ONELETTERAMPM:
                if (date.wHour<12)
@@ -764,7 +765,7 @@
     HFONT oldFont;
     oldFont = SelectObject (hdc, infoPtr->hFont);
 
-    DATETIME_ReturnTxt (infoPtr, 0, txt);
+    DATETIME_ReturnTxt (infoPtr, 0, txt, sizeof(txt));
     GetTextExtentPoint32A (hdc, txt, strlen (txt), &size);
     rcDraw->bottom = size.cy+2;
 
@@ -773,7 +774,7 @@
     prevright = checkbox->right;
 
     for (i=0; i<infoPtr->nrFields; i++) {
-      DATETIME_ReturnTxt (infoPtr, i, txt);
+      DATETIME_ReturnTxt (infoPtr, i, txt, sizeof(txt));
       GetTextExtentPoint32A (hdc, txt, strlen (txt), &size);
       field = & infoPtr->fieldRect[i];
       field->left  = prevright;

More information about the wine-patches mailing list