Author: hbelusca Date: Sun May 18 23:45:43 2014 New Revision: 63365

URL: http://svn.reactos.org/svn/reactos?rev=63365&view=rev Log: [NTVDM] Correctly NULL-terminate the command-lines when needed (and avoid buffer overruns).

Modified: trunk/reactos/subsystems/ntvdm/dos/dem.c trunk/reactos/subsystems/ntvdm/dos/dos32krnl/dos.c

Modified: trunk/reactos/subsystems/ntvdm/dos/dem.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/subsystems/ntvdm/dos/dem.c?... ============================================================================== --- trunk/reactos/subsystems/ntvdm/dos/dem.c [iso-8859-1] (original) +++ trunk/reactos/subsystems/ntvdm/dos/dem.c [iso-8859-1] Sun May 18 23:45:43 2014 @@ -119,8 +119,8 @@ STARTUPINFOA StartupInfo; PROCESS_INFORMATION ProcessInformation;

- /* NULL-terminate the command by removing the return carriage character */ - while (*CmdPtr != '\r') CmdPtr++; + /* NULL-terminate the command line by removing the return carriage character */ + while (*CmdPtr && *CmdPtr != '\r') CmdPtr++; *CmdPtr = '\0';

DPRINT1("CMD Run Command '%s'\n", Command);

Modified: trunk/reactos/subsystems/ntvdm/dos/dos32krnl/dos.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/subsystems/ntvdm/dos/dos32k... ============================================================================== --- trunk/reactos/subsystems/ntvdm/dos/dos32krnl/dos.c [iso-8859-1] (original) +++ trunk/reactos/subsystems/ntvdm/dos/dos32krnl/dos.c [iso-8859-1] Sun May 18 23:45:43 2014 @@ -926,6 +926,10 @@ return ERROR_NOT_SUPPORTED; }

+ /* NULL-terminate the command line by removing the return carriage character */ + while (*CommandLine && *CommandLine != '\r') CommandLine++; + *(LPSTR)CommandLine = '\0'; + /* Open a handle to the executable */ FileHandle = CreateFileA(ExecutablePath, GENERIC_READ,