https://git.reactos.org/?p=reactos.git;a=commitdiff;h=a07b569b255477fe754dcc...
commit a07b569b255477fe754dcc836c411ace8e6d1b7b Author: Thomas Faber thomas.faber@reactos.org AuthorDate: Tue Dec 12 12:38:45 2017 +0100
[NTOS:KD] Don't assume null termination in KdpSerialDebugPrint and KdpScreenPrint. CORE-14057 CORE-14103 --- ntoskrnl/kd/kdio.c | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-)
diff --git a/ntoskrnl/kd/kdio.c b/ntoskrnl/kd/kdio.c index 3fedfd7ca5..205842056f 100644 --- a/ntoskrnl/kd/kdio.c +++ b/ntoskrnl/kd/kdio.c @@ -340,7 +340,7 @@ KdpSerialDebugPrint(LPSTR Message, }
/* Output the message */ - while (*pch != 0) + while (pch < Message + Length && *pch != '\0') { if (*pch == '\n') { @@ -412,7 +412,7 @@ KdpScreenPrint(LPSTR Message, KIRQL OldIrql; PCHAR pch = (PCHAR) Message;
- while (*pch) + while (pch < Message + Length && *pch) { if(*pch == '\b') { @@ -584,9 +584,8 @@ KdpPrintString( _SEH2_TRY { ProbeForRead(UnsafeString, Length, 1); - String = _alloca(Length + 1); + String = _alloca(Length); RtlCopyMemory(String, UnsafeString, Length); - String[Length] = ANSI_NULL; } _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER) {