Author: cfinck Date: Sun May 18 05:56:31 2008 New Revision: 33571 URL: http://svn.reactos.org/svn/reactos?rev=33571&view=rev Log: Check if the GetWindowsDirectory call succeeded and use PathAppend to prevent a buffer overflow, when WinDir + "\regedit.exe" > MAX_PATH Modified: trunk/reactos/base/applications/regedt32/regedt32.c Modified: trunk/reactos/base/applications/regedt32/regedt32.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/base/applications/regedt32… ============================================================================== --- trunk/reactos/base/applications/regedt32/regedt32.c [iso-8859-1] (original) +++ trunk/reactos/base/applications/regedt32/regedt32.c [iso-8859-1] Sun May 18 05:56:31 2008 @@ -1,16 +1,18 @@ #include <windows.h> #include <tchar.h> #include <shellapi.h> +#include <shlwapi.h> int WINAPI _tWinMain(HINSTANCE hCurInst, HINSTANCE hPrevInst, LPTSTR lpsCmdLine, int nCmdShow) { TCHAR szPath[MAX_PATH]; - GetWindowsDirectory(szPath, MAX_PATH); - _tcscat(szPath, _T("\\regedit.exe")); - - ShellExecute(NULL, NULL, szPath, lpsCmdLine, NULL, nCmdShow); + if(GetWindowsDirectory(szPath, MAX_PATH)) + { + PathAppend(szPath, _T("regedit.exe")); + ShellExecute(NULL, NULL, szPath, lpsCmdLine, NULL, nCmdShow); + } return 0; }