[ros-diffs] [akhaldi] 66634: [VMWINST] Use StringCb{Copy, Cat} instead of wcs{cpy, cat} to ensure that no buffer overflows occur. CID 514272s and 515210. By Ricardo Hanke. CORE-9347

Author: akhaldi Date: Mon Mar 9 20:50:42 2015 New Revision: 66634 URL: http://svn.reactos.org/svn/reactos?rev=66634&view=rev Log: [VMWINST] Use StringCb{Copy,Cat} instead of wcs{cpy,cat} to ensure that no buffer overflows occur. CID 514272s and 515210. By Ricardo Hanke. CORE-9347 Modified: trunk/reactos/base/setup/vmwinst/vmwinst.c Modified: trunk/reactos/base/setup/vmwinst/vmwinst.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/base/setup/vmwinst/vmwinst… ============================================================================== --- trunk/reactos/base/setup/vmwinst/vmwinst.c [iso-8859-1] (original) +++ trunk/reactos/base/setup/vmwinst/vmwinst.c [iso-8859-1] Mon Mar 9 20:50:42 2015 @@ -31,6 +31,7 @@ #include <winreg.h> #include <wingdi.h> #include <winuser.h> +#include <strsafe.h> #include <newdev.h> #include <pseh/pseh2.h> #include <debug.h> @@ -124,8 +125,8 @@ HANDLE FileHandle; FileName[0] = L'\0'; - wcscat(FileName, Path); - wcscat(FileName, File); + StringCbCat(FileName, sizeof(FileName), Path); + StringCbCat(FileName, sizeof(FileName), File); FileHandle = CreateFile(FileName, GENERIC_READ, 0, NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL); @@ -495,8 +496,8 @@ if(AbortInstall != 0) goto done; PostMessage(hInstallationNotifyWnd, WM_INSTSTATUSUPDATE, IDS_COPYINGFILES, 0); - wcscpy(InfFileName, SrcPath); - wcscat(InfFileName, L"vmx_svga.inf"); + StringCbCopy(InfFileName, sizeof(InfFileName), SrcPath); + StringCbCat(InfFileName, sizeof(InfFileName), L"vmx_svga.inf"); DPRINT1("Calling UpdateDriverForPlugAndPlayDevices()\n"); if (!UpdateDriverForPlugAndPlayDevices( hInstallationNotifyWnd, @@ -1071,11 +1072,11 @@ lc += GetSystemDirectory(DestinationPath, MAX_PATH) - 1; if(lc >= DestinationPath && *lc != L'\\') { - wcscat(DestinationPath, L"\\"); + StringCbCat(DestinationPath, sizeof(DestinationPath), L"\\"); } DestinationDriversPath[0] = L'\0'; - wcscat(DestinationDriversPath, DestinationPath); - wcscat(DestinationDriversPath, L"drivers\\"); + StringCbCat(DestinationDriversPath, sizeof(DestinationDriversPath), DestinationPath); + StringCbCat(DestinationDriversPath, sizeof(DestinationDriversPath), L"drivers\\"); SetCurrentDirectory(DestinationPath);