winedbg: Extend buffer in packet_query_monitor_process to avoid overrun/truncation.

Gerald Pfeifer gerald at pfeifer.com
Sun Oct 2 00:40:36 CDT 2016


PROCESSENTRY32 declares szExeFile as char[MAX_PATH], yet buffer 
in packet_query_monitor_process is declared as char[128].

This means

    snprintf(buffer, sizeof(buffer),
             "%c%08x %-8d %08x '%s'\n",
             deco, entry.th32ProcessID, entry.cntThreads,
             entry.th32ParentProcessID, entry.szExeFile);

there may be running over (well, not really, since it's snprintf, 
not plain sprintf, but still).

GCC 7 is going to warn about this, by the way.

Gerald

Signed-off-by: Gerald Pfeifer <gerald at pfeifer.com>
---
 programs/winedbg/gdbproxy.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/programs/winedbg/gdbproxy.c b/programs/winedbg/gdbproxy.c
index 7f0a8c9..f94fef5 100644
--- a/programs/winedbg/gdbproxy.c
+++ b/programs/winedbg/gdbproxy.c
@@ -1710,7 +1710,7 @@ static void packet_query_monitor_wnd(struct gdb_context* gdbctx, int len, const
 static void packet_query_monitor_process(struct gdb_context* gdbctx, int len, const char* str)
 {
     HANDLE              snap = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
-    char                buffer[128];
+    char                buffer[31+MAX_PATH];
     char                deco;
     PROCESSENTRY32      entry;
     BOOL                ok;
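
Review bot: The 31 in `buffer[31+MAX_PATH]` is an unexplained magic number, and a one-line comment deriving it from the format string would keep the two from drifting apart. It matches the fixed part of "%c%08x %-8d %08x '%s'\n" (1 + 8 + 1 + 8 + 1 + 8 + 1, plus two quotes and the newline, with MAX_PATH covering szExeFile and its terminating NUL), but only while every field stays at its minimum width. `%-8d` pads to 8 characters and does not cap, so a cntThreads value that prints wider than 8 characters would still be truncated; if the aim is to rule out truncation for all inputs rather than realistic ones, size for the widest `%d` (11 characters) or check the snprintf return value against sizeof(buffer).
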
-- 
2.9.2


