[fireball] 56888: [EXPLORER_NEW] - Fix possible buffer overflow: ExpandEnvironmentStrings wants character count size of a buffer, not byte sized. Spotted by Thomas Faber. See issue #6053 for more d...
14 Jul
2012
14 Jul
'12
12:02 p.m.
Author: fireball
Date: Sat Jul 14 12:02:19 2012
New Revision: 56888
URL: http://svn.reactos.org/svn/reactos?rev=56888&view=rev
Log:
[EXPLORER_NEW]
- Fix possible buffer overflow: ExpandEnvironmentStrings wants character count size of a
buffer, not byte sized. Spotted by Thomas Faber.
See issue #6053 for more details.
Modified:
trunk/reactos/base/shell/explorer/services/startup.c
Modified: trunk/reactos/base/shell/explorer/services/startup.c
URL:
http://svn.reactos.org/svn/reactos/trunk/reactos/base/shell/explorer/servic…
==============================================================================
--- trunk/reactos/base/shell/explorer/services/startup.c [iso-8859-1] (original)
+++ trunk/reactos/base/shell/explorer/services/startup.c [iso-8859-1] Sat Jul 14 12:02:19
2012
@@ -245,7 +245,7 @@
DWORD exit_code=0;
WCHAR szCmdLineExp[MAX_PATH+1]= L"\0";
- ExpandEnvironmentStrings(cmdline, szCmdLineExp, sizeof(szCmdLineExp));
+ ExpandEnvironmentStringsW(cmdline, szCmdLineExp, sizeof(szCmdLineExp) /
sizeof(WCHAR));
memset(&si, 0, sizeof(si));
si.cb=sizeof(si);
4450
days inactive
4450
days old
0 comments
1 participants
participants (1)
-
fireball@svn.reactos.org