[tfaber] 69628: [WORDPAD] - Fix potential buffer overflows. CID 713265, 713266 - Ros-diffs

20 Oct 2015

Author: tfaber
Date: Tue Oct 20 08:40:29 2015
New Revision: 69628
URL: http://svn.reactos.org/svn/reactos?rev=69628&view=rev
Log:
[WORDPAD]
- Fix potential buffer overflows. CID 713265, 713266
Modified:
    trunk/reactos/base/applications/wordpad/registry.c
    trunk/reactos/base/applications/wordpad/wordpad.c
Modified: trunk/reactos/base/applications/wordpad/registry.c
URL: http://svn.reactos.org/svn/reactos/trunk/reactos/base/applications/wordpad/r...
==============================================================================

--- trunk/reactos/base/applications/wordpad/registry.c	[iso-8859-1] (original)
+++ trunk/reactos/base/applications/wordpad/registry.c	[iso-8859-1] Tue Oct 20 08:40:29 2015
@@ -156,9 +156,9 @@
 {
     LPWSTR pos_basename;
     LPWSTR truncpos1, truncpos2;
-    WCHAR myDocs[MAX_STRING_LEN];
-
-    SHGetFolderPathW(NULL, CSIDL_PERSONAL, NULL, SHGFP_TYPE_CURRENT, (LPWSTR)&myDocs);
+    WCHAR myDocs[MAX_PATH];
+
+    SHGetFolderPathW(NULL, CSIDL_PERSONAL, NULL, SHGFP_TYPE_CURRENT, myDocs);
     pos_basename = file_basename(file);
     truncpos1 = NULL;
     truncpos2 = NULL;
Modified: trunk/reactos/base/applications/wordpad/wordpad.c
URL: http://svn.reactos.org/svn/reactos/trunk/reactos/base/applications/wordpad/w...
==============================================================================
--- trunk/reactos/base/applications/wordpad/wordpad.c	[iso-8859-1] (original)
+++ trunk/reactos/base/applications/wordpad/wordpad.c	[iso-8859-1] Tue Oct 20 08:40:29 2015
@@ -1229,7 +1229,7 @@
         if (pFr->lpstrFindWhat != custom_data->findBuffer)
         {
             lstrcpynW(custom_data->findBuffer, pFr->lpstrFindWhat,
-                      sizeof(custom_data->findBuffer));
+                      _countof(custom_data->findBuffer));
             pFr->lpstrFindWhat = custom_data->findBuffer;
         }

    