[ros-diffs] [tfaber] 65154: [NEWDEV] - Fix buffer overflow in PopulateCustomPathCombo. Powered by DPH. - Fix a signed vs unsigned comparison

31 Oct 2014

Author: tfaber
Date: Fri Oct 31 17:35:38 2014
New Revision: 65154
URL: http://svn.reactos.org/svn/reactos?rev=65154&view=rev
Log:
[NEWDEV]
- Fix buffer overflow in PopulateCustomPathCombo. Powered by DPH.
- Fix a signed vs unsigned comparison
Modified:
    trunk/reactos/dll/win32/newdev/wizard.c
Modified: trunk/reactos/dll/win32/newdev/wizard.c
URL: http://svn.reactos.org/svn/reactos/trunk/reactos/dll/win32/newdev/wizard.c?r...
==============================================================================

--- trunk/reactos/dll/win32/newdev/wizard.c	[iso-8859-1] (original)
+++ trunk/reactos/dll/win32/newdev/wizard.c	[iso-8859-1] Fri Oct 31 17:35:38 2014
@@ -280,7 +280,9 @@
         TRACE("RegQueryValueEx() failed with error 0x%lx\n", rc);
         goto cleanup;
     }
-    Buffer[dwPathLength] = Buffer[dwPathLength + 1] = '\0';
+
+    Buffer[dwPathLength / sizeof(WCHAR)] = UNICODE_NULL;
+    Buffer[dwPathLength / sizeof(WCHAR) + 1] = UNICODE_NULL;
/* Populate combo box */
     for (Path = Buffer; *Path; Path += wcslen(Path) + 1)
@@ -305,7 +307,7 @@
     LPWSTR Buffer = NULL;
     LPWSTR pBuffer; /* Pointer into Buffer */
     int ItemsCount, Length;
-    DWORD i;
+    int i;
     DWORD TotalLength = 0;
     BOOL UseCustomPath = TRUE;
     HKEY hKey = NULL;

    

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

[ros-diffs] [tfaber] 65154: [NEWDEV] - Fix buffer overflow in PopulateCustomPathCombo. Powered by DPH. - Fix a signed vs unsigned comparison