shell32: Check number of bytes returned by ReadFile.

Dmitry Timoshkov dmitry at baikal.ru
Tue Oct 29 02:09:31 CDT 2013


---
 dlls/shell32/shell32_main.c | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

diff --git a/dlls/shell32/shell32_main.c b/dlls/shell32/shell32_main.c
index 1e37b47..2d47e35 100644
--- a/dlls/shell32/shell32_main.c
+++ b/dlls/shell32/shell32_main.c
@@ -342,14 +342,20 @@ static DWORD shgfi_get_exe_type(LPCWSTR szFullPath)
 
     SetFilePointer( hfile, 0, NULL, SEEK_SET );
     ReadFile( hfile, &mz_header, sizeof(mz_header), &len, NULL );
+    if (len != sizeof(mz_header))
+    {
+        CloseHandle( hfile );
+        return 0;
+    }
 
     SetFilePointer( hfile, mz_header.e_lfanew, NULL, SEEK_SET );
     ReadFile( hfile, magic, sizeof(magic), &len, NULL );
-    if ( *(DWORD*)magic == IMAGE_NT_SIGNATURE )
+    if (len == sizeof(magic) && *(DWORD*)magic == IMAGE_NT_SIGNATURE )
     {
         SetFilePointer( hfile, mz_header.e_lfanew, NULL, SEEK_SET );
         ReadFile( hfile, &nt, sizeof(nt), &len, NULL );
         CloseHandle( hfile );
+        if (len != sizeof(nt)) return 0;
         /* DLL files are not executable and should return 0 */
         if (nt.FileHeader.Characteristics & IMAGE_FILE_DLL)
             return 0;
@@ -361,13 +367,13 @@ static DWORD shgfi_get_exe_type(LPCWSTR szFullPath)
         }
         return IMAGE_NT_SIGNATURE;
     }
-    else if ( *(WORD*)magic == IMAGE_OS2_SIGNATURE )
+    else if (len >= 2 && *(WORD*)magic == IMAGE_OS2_SIGNATURE )
     {
         IMAGE_OS2_HEADER ne;
         SetFilePointer( hfile, mz_header.e_lfanew, NULL, SEEK_SET );
         ReadFile( hfile, &ne, sizeof(ne), &len, NULL );
         CloseHandle( hfile );
-        if (ne.ne_exetyp == 2)
+        if (len == sizeof(ne) && ne.ne_exetyp == 2)
             return IMAGE_OS2_SIGNATURE | (ne.ne_expver << 16);
         return 0;
     }
-- 
1.8.4.1




More information about the wine-patches mailing list