https://git.reactos.org/?p=reactos.git;a=commitdiff;h=48d81f845dd294d71f21d… commit 48d81f845dd294d71f21d3312a5a16c426c4904e Author: Bișoc George <fraizeraust99(a)gmail.com> AuthorDate: Mon Nov 18 21:25:51 2019 +0100 Commit: Hermès BÉLUSCA - MAÏTO <hermes.belusca-maito(a)reactos.org> CommitDate: Mon Nov 18 21:25:51 2019 +0100 [OSK] Validate the registry value data on query (#2050) Ensure that the value data we query on loading the registry configuration settings matches with its data size --- base/applications/osk/settings.c | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/base/applications/osk/settings.c b/base/applications/osk/settings.c index b1bcb210f96..1f4d9c94800 100644 --- a/base/applications/osk/settings.c +++ b/base/applications/osk/settings.c @@ -16,7 +16,7 @@ BOOL LoadDataFromRegistry(VOID) HKEY hKey; LONG lResult; DWORD dwValue; - DWORD cbData = sizeof(DWORD); + DWORD cbData = sizeof(dwValue); /* Initialize the registry application settings */ Globals.bShowWarning = TRUE; @@ -49,7 +49,7 @@ BOOL LoadDataFromRegistry(VOID) (BYTE *)&dwValue, &cbData); - if (lResult != ERROR_SUCCESS) + if (lResult != ERROR_SUCCESS || cbData != sizeof(dwValue)) { /* Bail out and return FALSE if we fail */ RegCloseKey(hKey); @@ -67,7 +67,7 @@ BOOL LoadDataFromRegistry(VOID) (BYTE *)&dwValue, &cbData); - if (lResult != ERROR_SUCCESS) + if (lResult != ERROR_SUCCESS || cbData != sizeof(dwValue)) { /* Bail out and return FALSE if we fail */ RegCloseKey(hKey); @@ -85,7 +85,7 @@ BOOL LoadDataFromRegistry(VOID) (BYTE *)&dwValue, &cbData); - if (lResult != ERROR_SUCCESS) + if (lResult != ERROR_SUCCESS || cbData != sizeof(dwValue)) { /* Bail out and return FALSE if we fail */ RegCloseKey(hKey); @@ -103,7 +103,7 @@ BOOL LoadDataFromRegistry(VOID) (BYTE *)&dwValue, &cbData); - if (lResult != ERROR_SUCCESS) + if (lResult != ERROR_SUCCESS || cbData != sizeof(dwValue)) { /* Bail out and return FALSE if we fail */ RegCloseKey(hKey); @@ -120,7 +120,7 @@ BOOL LoadDataFromRegistry(VOID) (BYTE *)&dwValue, &cbData); - if (lResult != ERROR_SUCCESS) + if (lResult != ERROR_SUCCESS || cbData != sizeof(dwValue)) { /* Bail out and return FALSE if we fail */ RegCloseKey(hKey); @@ -137,7 +137,7 @@ BOOL LoadDataFromRegistry(VOID) (BYTE *)&dwValue, &cbData); - if (lResult != ERROR_SUCCESS) + if (lResult != ERROR_SUCCESS || cbData != sizeof(dwValue)) { /* Bail out and return FALSE if we fail */ RegCloseKey(hKey);