[PATCH] avoid potential 1 byte overflow
Marcus Meissner
marcus at jet.franken.de
Sun Feb 18 13:09:29 CST 2007
Coverity spotted this, and I have to agree
that if the returned entry is 256 WCHARs long
this would write one \0 too many.
CID 310
Ciao, Marcus
---
dlls/shell32/shlexec.c | 2 ++
1 files changed, 2 insertions(+), 0 deletions(-)
diff --git a/dlls/shell32/shlexec.c b/dlls/shell32/shlexec.c
index 2d4a25e..63bda87 100644
--- a/dlls/shell32/shlexec.c
+++ b/dlls/shell32/shlexec.c
@@ -654,6 +654,8 @@ UINT SHELL_FindExecutable(LPCWSTR lpPath
&filetypelen) == ERROR_SUCCESS)
{
filetypelen /= sizeof(WCHAR);
+ if (filetypelen == sizeof(filetype)/sizeof(WCHAR))
+ filetypelen--;
filetype[filetypelen] = '\0';
TRACE("File type: %s\n", debugstr_w(filetype));
}
--
1.4.3.4
More information about the wine-patches
mailing list