[tretiakov] 22525: Fix buffer overflow vulnerability (bug 1528) - Ros-diffs

23 Jun 2006

Author: tretiakov
Date: Fri Jun 23 18:55:52 2006
New Revision: 22525
URL: http://svn.reactos.ru/svn/reactos?rev=22525&view=rev
Log:
Fix buffer overflow vulnerability (bug 1528)
Modified:
    trunk/reactos/base/services/umpnpmgr/umpnpmgr.c
Modified: trunk/reactos/base/services/umpnpmgr/umpnpmgr.c
URL: http://svn.reactos.ru/svn/reactos/trunk/reactos/base/services/umpnpmgr/umpnp...
==============================================================================

--- trunk/reactos/base/services/umpnpmgr/umpnpmgr.c (original)
+++ trunk/reactos/base/services/umpnpmgr/umpnpmgr.c Fri Jun 23 18:55:52 2006
@@ -832,7 +832,9 @@
lstrcpyW(szKeyName, L"System\CurrentControlSet\Control\Class");
     lstrcatW(szKeyName, L"\");
-    lstrcatW(szKeyName, ClassGuid);
+    if(lstrlenW(ClassGuid) < sizeof(szKeyName)-lstrlenW(szKeyName))
+    	lstrcatW(szKeyName, ClassGuid);
+    else return CR_INVALID_DATA;
if (RegOpenKeyExW(HKEY_LOCAL_MACHINE,
                       szKeyName,

    