We have a lot of unchecked string functions on the DeviceNode fields in io/pnpmgr.c, by the way. I think I've stumbled on four such places so far, but I suspect that the whole thing should be hardened together.
Can you be more specific about this? Which strings? Which places?
I'm wrong that there are a lot; these are the ones I've been bitten by. I think they're the only cases in which a wcscat/wcscpy is called on a possibly empty string.
Line 171, DeviceNode->InstancePath.Buffer can be null. Line 1059, DeviceNode->InstancePath.Buffer can be null.
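A sketch of the kind of guard the thread is asking for, added here as an illustration and not taken from io/pnpmgr.c or any project code: an append that works from the counted lengths and treats a NULL `Buffer` as an empty string instead of passing it to wcscat/wcscpy. `COUNTED_STRING` is a stand-in that mirrors the `UNICODE_STRING` fields, and `append_counted`, `run_case` and the sample strings are hypothetical names and constructed data.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Stand-in mirroring UNICODE_STRING: both lengths are in bytes. */
typedef struct {
    uint16_t Length;        /* bytes in use, terminator not counted */
    uint16_t MaximumLength; /* bytes allocated at Buffer */
    uint16_t *Buffer;       /* may be NULL when the string is empty */
} COUNTED_STRING;

enum { APPEND_OK = 0, APPEND_BAD_DEST = -1, APPEND_TOO_SMALL = -2 };

/* Hypothetical helper: append src to dst using the counted lengths only.
 * It never scans for a terminator and never dereferences a NULL Buffer. */
static int append_counted(COUNTED_STRING *dst, const COUNTED_STRING *src)
{
    if (dst == NULL || dst->Buffer == NULL || dst->Length > dst->MaximumLength)
        return APPEND_BAD_DEST;
    /* NULL or empty source: nothing to copy (wcscat would fault here). */
    if (src == NULL || src->Buffer == NULL || src->Length == 0)
        return APPEND_OK;
    if ((size_t)src->Length > (size_t)(dst->MaximumLength - dst->Length))
        return APPEND_TOO_SMALL;
    memcpy((uint8_t *)dst->Buffer + dst->Length, src->Buffer, src->Length);
    dst->Length = (uint16_t)(dst->Length + src->Length);
    return APPEND_OK;
}

/* Constructed sample instance path: six UTF-16 units, 12 bytes. */
static const uint16_t SAMPLE_PATH[6] = { 'R', 'o', 'o', 't', '\\', '0' };

/* Appends src to the constructed prefix "Enum\" (10 bytes) held in a buffer
 * of cap_bytes (at most 32). Returns the new Length, or a negative code. */
static int run_case(const uint16_t *src, uint16_t src_bytes, uint16_t cap_bytes)
{
    uint16_t storage[16] = { 'E', 'n', 'u', 'm', '\\' };
    COUNTED_STRING key = { 10, cap_bytes, storage };
    COUNTED_STRING path = { src_bytes, src_bytes, (uint16_t *)src };
    int rc = append_counted(&key, &path);
    return rc == APPEND_OK ? (int)key.Length : rc;
}

int main(void)
{
    /* A NULL InstancePath.Buffer leaves the prefix untouched. */
    return run_case(NULL, 0, 32) == 10 ? 0 : 1;
}
```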