[ros-diffs] [janderwald] 35570: - Check if source and destination is the same. Fixes creating a new directory and using the default name - Prevent a potential buffer overflow in the file properties dialog

Author: janderwald Date: Sat Aug 23 12:32:17 2008 New Revision: 35570 URL: http://svn.reactos.org/svn/reactos?rev=35570&view=rev Log: - Check if source and destination is the same. Fixes creating a new directory and using the default name - Prevent a potential buffer overflow in the file properties dialog Modified: trunk/reactos/dll/win32/shell32/fprop.c trunk/reactos/dll/win32/shell32/shfldr_desktop.c Modified: trunk/reactos/dll/win32/shell32/fprop.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/dll/win32/shell32/fprop.c?… ============================================================================== --- trunk/reactos/dll/win32/shell32/fprop.c [iso-8859-1] (original) +++ trunk/reactos/dll/win32/shell32/fprop.c [iso-8859-1] Sat Aug 23 12:32:17 2008 @@ -664,7 +664,7 @@ int EnumPropSheetExt(LPWSTR wFileName, PROPSHEETHEADERW *pinfo, int NumPages, HPSXA * hpsxa, IDataObject *pDataObj) { - WCHAR szName[100]; + WCHAR szName[MAX_PATH] = {0}; WCHAR * pOffset; UINT Length; DWORD dwName; @@ -675,7 +675,7 @@ if (!pOffset) { Length = wcslen(szName); - if (Length >=94) + if (Length + 6 > sizeof(szName)/sizeof(szName[0])) return 0; if (CLSIDFromString(wFileName, &clsid) == NOERROR) @@ -691,7 +691,7 @@ else { Length = wcslen(pOffset); - if (Length >= 100) + if (Length >= sizeof(szName)/sizeof(szName[0])) return 0; wcscpy(szName, pOffset); } @@ -799,7 +799,11 @@ hResult = SHCreateDataObject(pidlFolder, 1, apidl, NULL, &IID_IDataObject, (LPVOID*)&pDataObj); if (hResult == S_OK) { - EnumPropSheetExt(wFileName, &pinfo, MAX_PROPERTY_SHEET_PAGE-1, hpsxa, pDataObj); + if (!EnumPropSheetExt(wFileName, &pinfo, MAX_PROPERTY_SHEET_PAGE-1, hpsxa, pDataObj)) + { + hpsxa[0] = NULL; + hpsxa[1] = NULL; + } } if ( GetFileVersionInfoSizeW(lpf, &dwHandle)) @@ -813,8 +817,8 @@ if (hResult == S_OK) { - SHDestroyPropSheetExtArray(hpsxa[0]); - SHDestroyPropSheetExtArray(hpsxa[1]); + SHDestroyPropSheetExtArray(hpsxa[0]); + SHDestroyPropSheetExtArray(hpsxa[1]); IDataObject_Release(pDataObj); } Modified: trunk/reactos/dll/win32/shell32/shfldr_desktop.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/dll/win32/shell32/shfldr_d… ============================================================================== --- trunk/reactos/dll/win32/shell32/shfldr_desktop.c [iso-8859-1] (original) +++ trunk/reactos/dll/win32/shell32/shfldr_desktop.c [iso-8859-1] Sat Aug 23 12:32:17 2008 @@ -864,6 +864,16 @@ } } + if (!memcmp(szSrc, szDest, (wcslen(szDest)+1) * sizeof(WCHAR))) + { + /* src and destination is the same */ + hr = S_OK; + if (pPidlOut) + hr = _ILCreateFromPathW(szDest, pPidlOut); + + return hr; + } + TRACE ("src=%s dest=%s\n", debugstr_w(szSrc), debugstr_w(szDest)); if (MoveFileW (szSrc, szDest)) {