user: avoid buffer overflow in sysparams.c
Rein Klazes
wijn at wanadoo.nl
Mon Jan 16 05:17:59 CST 2006
Hi,
Proposed fix for bug #4315.
Maximum 32 bit integer is 10 decimal digits. Add a sign (if signed )
and null character and it needs a buffer size of 12. Use this size all
over sysparams.c.
Changelog:
dlls/user : sysparams.c
Increase buffer size to 12 for getting and setting integer parameters
from/to the registry.
Rein.
-------------- next part --------------
--- wine/dlls/user/sysparams.c 2005-12-17 09:44:49.000000000 +0100
+++ mywine/dlls/user/sysparams.c 2006-01-16 12:01:42.000000000 +0100
@@ -748,7 +748,7 @@ static BOOL get_uint_param( unsigned int
if (!ret_ptr) return FALSE;
if (!spi_loaded[idx])
{
- WCHAR buf[10];
+ WCHAR buf[12];
if (SYSPARAMS_Load( regkey, value, buf, sizeof(buf) )) *value_ptr = atoiW( buf );
spi_loaded[idx] = TRUE;
@@ -764,7 +764,7 @@ static BOOL get_twips_param( unsigned in
if (!ret_ptr) return FALSE;
if (!spi_loaded[idx])
{
- WCHAR buf[10];
+ WCHAR buf[12];
if (SYSPARAMS_Load( regkey, value, buf, sizeof(buf) ))
*value_ptr = SYSPARAMS_Twips2Pixels( atoiW(buf) );
@@ -785,7 +785,7 @@ static inline BOOL get_bool_param( unsig
static BOOL set_uint_param_mirrored( unsigned int idx, LPCWSTR regkey, LPCWSTR regkey_mirror,
LPCWSTR value, UINT *value_ptr, UINT new_val, UINT fWinIni )
{
- WCHAR buf[10];
+ WCHAR buf[12];
wsprintfW(buf, CSu, new_val);
if (!SYSPARAMS_Save( regkey, value, buf, fWinIni )) return FALSE;
@@ -799,7 +799,7 @@ static BOOL set_uint_param_mirrored( uns
static BOOL save_int_param( LPCWSTR regkey, LPCWSTR value, INT *value_ptr,
INT new_val, UINT fWinIni )
{
- WCHAR buf[10];
+ WCHAR buf[12];
wsprintfW(buf, CSd, new_val);
if (!SYSPARAMS_Save( regkey, value, buf, fWinIni )) return FALSE;
@@ -1172,7 +1172,7 @@ BOOL WINAPI SystemParametersInfoW( UINT
spi_idx = SPI_SETMOUSE_IDX;
if (!spi_loaded[spi_idx])
{
- WCHAR buf[10];
+ WCHAR buf[12];
if (SYSPARAMS_Load( SPI_SETMOUSE_REGKEY, SPI_SETMOUSE_VALNAME1,
buf, sizeof(buf) ))
@@ -1278,7 +1278,7 @@ BOOL WINAPI SystemParametersInfoW( UINT
case SPI_SETSCREENSAVEACTIVE: /* 17 */
{
- WCHAR buf[5];
+ WCHAR buf[12];
wsprintfW(buf, CSu, uiParam);
USER_Driver->pSetScreenSaveActive( uiParam );
More information about the wine-patches
mailing list