shell32: Check number of bytes returned by ReadFile.
Dmitry Timoshkov
dmitry at baikal.ru
Tue Oct 29 02:09:31 CDT 2013
---
dlls/shell32/shell32_main.c | 12 +++++++++---
1 file changed, 9 insertions(+), 3 deletions(-)
diff --git a/dlls/shell32/shell32_main.c b/dlls/shell32/shell32_main.c
index 1e37b47..2d47e35 100644
--- a/dlls/shell32/shell32_main.c
+++ b/dlls/shell32/shell32_main.c
@@ -342,14 +342,20 @@ static DWORD shgfi_get_exe_type(LPCWSTR szFullPath)
SetFilePointer( hfile, 0, NULL, SEEK_SET );
ReadFile( hfile, &mz_header, sizeof(mz_header), &len, NULL );
+ if (len != sizeof(mz_header))
+ {
+ CloseHandle( hfile );
+ return 0;
+ }
SetFilePointer( hfile, mz_header.e_lfanew, NULL, SEEK_SET );
ReadFile( hfile, magic, sizeof(magic), &len, NULL );
- if ( *(DWORD*)magic == IMAGE_NT_SIGNATURE )
+ if (len == sizeof(magic) && *(DWORD*)magic == IMAGE_NT_SIGNATURE )
{
SetFilePointer( hfile, mz_header.e_lfanew, NULL, SEEK_SET );
ReadFile( hfile, &nt, sizeof(nt), &len, NULL );
CloseHandle( hfile );
+ if (len != sizeof(nt)) return 0;
/* DLL files are not executable and should return 0 */
if (nt.FileHeader.Characteristics & IMAGE_FILE_DLL)
return 0;
@@ -361,13 +367,13 @@ static DWORD shgfi_get_exe_type(LPCWSTR szFullPath)
}
return IMAGE_NT_SIGNATURE;
}
- else if ( *(WORD*)magic == IMAGE_OS2_SIGNATURE )
+ else if (len >= 2 && *(WORD*)magic == IMAGE_OS2_SIGNATURE )
{
IMAGE_OS2_HEADER ne;
SetFilePointer( hfile, mz_header.e_lfanew, NULL, SEEK_SET );
ReadFile( hfile, &ne, sizeof(ne), &len, NULL );
CloseHandle( hfile );
- if (ne.ne_exetyp == 2)
+ if (len == sizeof(ne) && ne.ne_exetyp == 2)
return IMAGE_OS2_SIGNATURE | (ne.ne_expver << 16);
return 0;
}
--
1.8.4.1
More information about the wine-patches
mailing list