Author: greatlrd Date: Sun Feb 4 21:17:34 2007 New Revision: 25718 URL: http://svn.reactos.org/svn/reactos?rev=25718&view=rev Log: fixed a problem possible overwrite memory in cmd. base on knowlges from bug 2017. the patch are incorrect to fix it. we simple do not allown overwrite the memory. See issue #2017 for more details. Modified: branches/ros-branch-0_3_1/reactos/base/shell/cmd/cmd.c Modified: branches/ros-branch-0_3_1/reactos/base/shell/cmd/cmd.c URL: http://svn.reactos.org/svn/reactos/branches/ros-branch-0_3_1/reactos/base/s… ============================================================================== --- branches/ros-branch-0_3_1/reactos/base/shell/cmd/cmd.c (original) +++ branches/ros-branch-0_3_1/reactos/base/shell/cmd/cmd.c Sun Feb 4 21:17:34 2007 @@ -187,6 +187,9 @@ INT c = 0; INT n = 0; + if (len <= 1) + return 0; + if (num.QuadPart == 0) { des[0] = _T('0'); @@ -203,6 +206,8 @@ temp[30 - c++] = (TCHAR)(num.QuadPart % 10) + _T('0'); num.QuadPart /= 10; } + if (c>len) + c=len; for (n = 0; n <= c; n++) des[n] = temp[31 - c + n];