[cfinck] 33571: Check if the GetWindowsDirectory call succeeded and use PathAppend to prevent a buffer overflow, when WinDir + "\regedit.exe" > MAX_PATH - Ros-diffs

18 May 2008

Author: cfinck
Date: Sun May 18 05:56:31 2008
New Revision: 33571
URL: http://svn.reactos.org/svn/reactos?rev=33571&view=rev
Log:
Check if the GetWindowsDirectory call succeeded and use PathAppend to prevent a buffer overflow, when WinDir + "\regedit.exe" > MAX_PATH
Modified:
    trunk/reactos/base/applications/regedt32/regedt32.c
Modified: trunk/reactos/base/applications/regedt32/regedt32.c
URL: http://svn.reactos.org/svn/reactos/trunk/reactos/base/applications/regedt32/...
==============================================================================

--- trunk/reactos/base/applications/regedt32/regedt32.c [iso-8859-1] (original)
+++ trunk/reactos/base/applications/regedt32/regedt32.c [iso-8859-1] Sun May 18 05:56:31 2008
@@ -1,16 +1,18 @@
 #include <windows.h>
 #include <tchar.h>
 #include <shellapi.h>
+#include <shlwapi.h>
int WINAPI _tWinMain(HINSTANCE hCurInst, HINSTANCE hPrevInst,
                      LPTSTR lpsCmdLine, int nCmdShow)
 {
     TCHAR szPath[MAX_PATH];
-    GetWindowsDirectory(szPath, MAX_PATH);
-    _tcscat(szPath, _T("\regedit.exe"));
-
-    ShellExecute(NULL, NULL, szPath, lpsCmdLine, NULL, nCmdShow);
+    if(GetWindowsDirectory(szPath, MAX_PATH))
+    {
+        PathAppend(szPath, _T("regedit.exe"));
+        ShellExecute(NULL, NULL, szPath, lpsCmdLine, NULL, nCmdShow);
+    }
return 0;
 }

    