[reactos] 02/03: [IPHLPAPI] Check pointers when returning module info from specific connection
16 Feb
2019
16 Feb
'19
8:10 a.m.
https://git.reactos.org/?p=reactos.git;a=commitdiff;h=93b0957641f1b8c831152…
commit 93b0957641f1b8c831152aa6fdfc43e2d528f9b4
Author: Pierre Schweitzer <pierre(a)reactos.org>
AuthorDate: Sat Feb 16 09:00:06 2019 +0100
Commit: Pierre Schweitzer <pierre(a)reactos.org>
CommitDate: Sat Feb 16 09:00:06 2019 +0100
[IPHLPAPI] Check pointers when returning module info from specific connection
---
dll/win32/iphlpapi/iphlpapi_main.c | 12 ++++++++++++
1 file changed, 12 insertions(+)
diff --git a/dll/win32/iphlpapi/iphlpapi_main.c b/dll/win32/iphlpapi/iphlpapi_main.c
index 83d53d2b10..5993c74f98 100644
--- a/dll/win32/iphlpapi/iphlpapi_main.c
+++ b/dll/win32/iphlpapi/iphlpapi_main.c
@@ -2293,6 +2293,12 @@ static DWORD GetOwnerModuleFromPidEntry(DWORD OwningPid,
TCPIP_OWNER_MODULE_INFO
WCHAR File[MAX_PATH], Path[MAX_PATH];
PTCPIP_OWNER_MODULE_BASIC_INFO BasicInfo;
+ if (IsBadWritePtr(pdwSize, sizeof(DWORD)) ||
+ IsBadWritePtr(Buffer, *pdwSize))
+ {
+ return ERROR_INVALID_PARAMETER;
+ }
+
if (OwningPid == 0)
{
return ERROR_NOT_FOUND;
@@ -2363,6 +2369,12 @@ static DWORD GetOwnerModuleFromTagEntry(DWORD OwningPid, DWORD
OwningTag, TCPIP_
PWSTR Buffer;
} ServiceQuery;
+ if (IsBadWritePtr(pdwSize, sizeof(DWORD)) ||
+ IsBadWritePtr(Buffer, *pdwSize))
+ {
+ return ERROR_INVALID_PARAMETER;
+ }
+
/* First, secure (avoid injections) load advapi32.dll */
Size = GetSystemDirectoryW(SysDir, MAX_PATH);
if (Size == 0)
2249
days inactive
2249
days old
0 comments
1 participants
participants (1)
-
Pierre Schweitzer