[fireball] 24837: Dmitry G. Gorbachev: Fix possible buffer overflow in FreeLdr See issue #1881 for more details.
26 Nov
2006
26 Nov
'06
1:37 p.m.
Author: fireball
Date: Sun Nov 26 16:37:50 2006
New Revision: 24837
URL: http://svn.reactos.org/svn/reactos?rev=24837&view=rev
Log:
Dmitry G. Gorbachev: Fix possible buffer overflow in FreeLdr
See issue #1881 for more details.
Modified:
trunk/reactos/boot/freeldr/freeldr/bootmgr.c
trunk/reactos/boot/freeldr/freeldr/drivemap.c
trunk/reactos/boot/freeldr/freeldr/linuxboot.c
trunk/reactos/boot/freeldr/freeldr/miscboot.c
trunk/reactos/boot/freeldr/freeldr/oslist.c
trunk/reactos/boot/freeldr/freeldr/reactos/reactos.c
trunk/reactos/boot/freeldr/freeldr/ui/ui.c
Modified: trunk/reactos/boot/freeldr/freeldr/bootmgr.c
URL:
http://svn.reactos.org/svn/reactos/trunk/reactos/boot/freeldr/freeldr/bootm…
==============================================================================
--- trunk/reactos/boot/freeldr/freeldr/bootmgr.c (original)
+++ trunk/reactos/boot/freeldr/freeldr/bootmgr.c Sun Nov 26 16:37:50 2006
@@ -111,7 +111,7 @@
}
// Try to read the boot type
- if (!IniReadSettingByName(SectionId, "BootType", SettingValue, 80))
+ if (!IniReadSettingByName(SectionId, "BootType", SettingValue,
sizeof(SettingValue)))
{
sprintf(SettingName, "BootType= line not found in section [%s] in
freeldr.ini.\n", OperatingSystemSectionNames[SelectedOperatingSystem]);
UiMessageBox(SettingName);
@@ -180,7 +180,7 @@
DefaultOSName = CmdLineGetDefaultOS();
if (NULL == DefaultOSName)
{
- if (IniReadSettingByName(SectionId, "DefaultOS", DefaultOSText, 80))
+ if (IniReadSettingByName(SectionId, "DefaultOS", DefaultOSText,
sizeof(DefaultOSText)))
{
DefaultOSName = DefaultOSText;
}
@@ -218,7 +218,7 @@
return -1;
}
- if (IniReadSettingByName(SectionId, "TimeOut", TimeOutText, 20))
+ if (IniReadSettingByName(SectionId, "TimeOut", TimeOutText,
sizeof(TimeOutText)))
{
TimeOut = atoi(TimeOutText);
}
Modified: trunk/reactos/boot/freeldr/freeldr/drivemap.c
URL:
http://svn.reactos.org/svn/reactos/trunk/reactos/boot/freeldr/freeldr/drive…
==============================================================================
--- trunk/reactos/boot/freeldr/freeldr/drivemap.c (original)
+++ trunk/reactos/boot/freeldr/freeldr/drivemap.c Sun Nov 26 16:37:50 2006
@@ -54,7 +54,7 @@
for (Index=0; Index<SectionItemCount; Index++)
{
// Get the next setting from the .ini file section
- if (IniReadSettingByNumber(SectionId, Index, SettingName, 80, SettingValue, 80))
+ if (IniReadSettingByNumber(SectionId, Index, SettingName, sizeof(SettingName),
SettingValue, sizeof(SettingValue)))
{
if (_stricmp(SettingName, "DriveMap") == 0)
{
Modified: trunk/reactos/boot/freeldr/freeldr/linuxboot.c
URL:
http://svn.reactos.org/svn/reactos/trunk/reactos/boot/freeldr/freeldr/linux…
==============================================================================
--- trunk/reactos/boot/freeldr/freeldr/linuxboot.c (original)
+++ trunk/reactos/boot/freeldr/freeldr/linuxboot.c Sun Nov 26 16:37:50 2006
@@ -233,27 +233,27 @@
return FALSE;
}
- if (!IniReadSettingByName(SectionId, "BootPath", LinuxBootPath, 260))
+ if (!IniReadSettingByName(SectionId, "BootPath", LinuxBootPath,
sizeof(LinuxBootPath)))
{
UiMessageBox("Boot path not specified for selected OS!");
return FALSE;
}
// Get the kernel name
- if (!IniReadSettingByName(SectionId, "Kernel", LinuxKernelName, 260))
+ if (!IniReadSettingByName(SectionId, "Kernel", LinuxKernelName,
sizeof(LinuxKernelName)))
{
UiMessageBox("Linux kernel filename not specified for selected OS!");
return FALSE;
}
// Get the initrd name
- if (IniReadSettingByName(SectionId, "Initrd", LinuxInitrdName, 260))
+ if (IniReadSettingByName(SectionId, "Initrd", LinuxInitrdName,
sizeof(LinuxInitrdName)))
{
LinuxHasInitrd = TRUE;
}
// Get the command line
- if (IniReadSettingByName(SectionId, "CommandLine", LinuxCommandLine, 260))
+ if (IniReadSettingByName(SectionId, "CommandLine", LinuxCommandLine,
sizeof(LinuxCommandLine)))
{
RemoveQuotes(LinuxCommandLine);
LinuxCommandLineSize = strlen(LinuxCommandLine) + 1;
Modified: trunk/reactos/boot/freeldr/freeldr/miscboot.c
URL:
http://svn.reactos.org/svn/reactos/trunk/reactos/boot/freeldr/freeldr/miscb…
==============================================================================
--- trunk/reactos/boot/freeldr/freeldr/miscboot.c (original)
+++ trunk/reactos/boot/freeldr/freeldr/miscboot.c Sun Nov 26 16:37:50 2006
@@ -38,7 +38,7 @@
return;
}
- if (!IniReadSettingByName(SectionId, "BootSectorFile", FileName, 260))
+ if (!IniReadSettingByName(SectionId, "BootSectorFile", FileName,
sizeof(FileName)))
{
UiMessageBox("Boot sector file not specified for selected OS!");
return;
@@ -111,7 +111,7 @@
}
// Read the boot drive
- if (!IniReadSettingByName(SectionId, "BootDrive", SettingValue, 80))
+ if (!IniReadSettingByName(SectionId, "BootDrive", SettingValue,
sizeof(SettingValue)))
{
UiMessageBox("Boot drive not specified for selected OS!");
return;
@@ -120,7 +120,7 @@
DriveNumber = DriveMapGetBiosDriveNumber(SettingValue);
// Read the boot partition
- if (!IniReadSettingByName(SectionId, "BootPartition", SettingValue, 80))
+ if (!IniReadSettingByName(SectionId, "BootPartition", SettingValue,
sizeof(SettingValue)))
{
UiMessageBox("Boot partition not specified for selected OS!");
return;
@@ -179,7 +179,7 @@
return;
}
- if (!IniReadSettingByName(SectionId, "BootDrive", SettingValue, 80))
+ if (!IniReadSettingByName(SectionId, "BootDrive", SettingValue,
sizeof(SettingValue)))
{
UiMessageBox("Boot drive not specified for selected OS!");
return;
Modified: trunk/reactos/boot/freeldr/freeldr/oslist.c
URL:
http://svn.reactos.org/svn/reactos/trunk/reactos/boot/freeldr/freeldr/oslis…
==============================================================================
--- trunk/reactos/boot/freeldr/freeldr/oslist.c (original)
+++ trunk/reactos/boot/freeldr/freeldr/oslist.c Sun Nov 26 16:37:50 2006
@@ -58,7 +58,7 @@
CurrentOperatingSystemIndex = 0;
for (Idx=0; Idx<SectionSettingCount; Idx++)
{
- IniReadSettingByNumber(SectionId, Idx, SettingName, 260, SettingValue, 260);
+ IniReadSettingByNumber(SectionId, Idx, SettingName, sizeof(SettingName), SettingValue,
sizeof(SettingValue));
if (IniOpenSection(SettingName, &OperatingSystemSectionId))
{
@@ -94,7 +94,7 @@
SectionSettingCount = IniGetNumSectionItems(SectionId);
for (Idx=0; Idx<SectionSettingCount; Idx++)
{
- IniReadSettingByNumber(SectionId, Idx, SettingName, 260, SettingValue, 260);
+ IniReadSettingByNumber(SectionId, Idx, SettingName, sizeof(SettingName), SettingValue,
sizeof(SettingValue));
if (IniOpenSection(SettingName, NULL))
{
Modified: trunk/reactos/boot/freeldr/freeldr/reactos/reactos.c
URL:
http://svn.reactos.org/svn/reactos/trunk/reactos/boot/freeldr/freeldr/react…
==============================================================================
--- trunk/reactos/boot/freeldr/freeldr/reactos/reactos.c (original)
+++ trunk/reactos/boot/freeldr/freeldr/reactos/reactos.c Sun Nov 26 16:37:50 2006
@@ -758,7 +758,7 @@
/*
* Read the optional kernel parameters (if any)
*/
- if (IniReadSettingByName(SectionId, "Options", value, 1024))
+ if (IniReadSettingByName(SectionId, "Options", value, sizeof(value)))
{
strcat(reactos_kernel_cmdline, " ");
strcat(reactos_kernel_cmdline, value);
@@ -795,7 +795,7 @@
* Find the kernel image name
* and try to load the kernel off the disk
*/
- if(IniReadSettingByName(SectionId, "Kernel", value, 1024))
+ if(IniReadSettingByName(SectionId, "Kernel", value, sizeof(value)))
{
/*
* Set the name and
@@ -823,7 +823,7 @@
* Find the HAL image name
* and try to load the kernel off the disk
*/
- if(IniReadSettingByName(SectionId, "Hal", value, 1024))
+ if(IniReadSettingByName(SectionId, "Hal", value, sizeof(value)))
{
/*
* Set the name and
Modified: trunk/reactos/boot/freeldr/freeldr/ui/ui.c
URL:
http://svn.reactos.org/svn/reactos/trunk/reactos/boot/freeldr/freeldr/ui/ui…
==============================================================================
--- trunk/reactos/boot/freeldr/freeldr/ui/ui.c (original)
+++ trunk/reactos/boot/freeldr/freeldr/ui/ui.c Sun Nov 26 16:37:50 2006
@@ -83,84 +83,84 @@
DisplayModeText[0] = '\0';
if (IniOpenSection("Display", &SectionId))
{
- if (! IniReadSettingByName(SectionId, "DisplayMode", DisplayModeText, 260))
+ if (! IniReadSettingByName(SectionId, "DisplayMode", DisplayModeText,
sizeof(DisplayModeText)))
{
DisplayModeText[0] = '\0';
}
- if (IniReadSettingByName(SectionId, "TitleText", SettingText, 260))
+ if (IniReadSettingByName(SectionId, "TitleText", SettingText,
sizeof(SettingText)))
{
strcpy(UiTitleBoxTitleText, SettingText);
}
- if (IniReadSettingByName(SectionId, "TimeText", SettingText, 260))
+ if (IniReadSettingByName(SectionId, "TimeText", SettingText,
sizeof(SettingText)))
{
strcpy(UiTimeText, SettingText);
}
- if (IniReadSettingByName(SectionId, "StatusBarColor", SettingText, 260))
+ if (IniReadSettingByName(SectionId, "StatusBarColor", SettingText,
sizeof(SettingText)))
{
UiStatusBarBgColor = UiTextToColor(SettingText);
}
- if (IniReadSettingByName(SectionId, "StatusBarTextColor", SettingText, 260))
+ if (IniReadSettingByName(SectionId, "StatusBarTextColor", SettingText,
sizeof(SettingText)))
{
UiStatusBarFgColor = UiTextToColor(SettingText);
}
- if (IniReadSettingByName(SectionId, "BackdropTextColor", SettingText, 260))
+ if (IniReadSettingByName(SectionId, "BackdropTextColor", SettingText,
sizeof(SettingText)))
{
UiBackdropFgColor = UiTextToColor(SettingText);
}
- if (IniReadSettingByName(SectionId, "BackdropColor", SettingText, 260))
+ if (IniReadSettingByName(SectionId, "BackdropColor", SettingText,
sizeof(SettingText)))
{
UiBackdropBgColor = UiTextToColor(SettingText);
}
- if (IniReadSettingByName(SectionId, "BackdropFillStyle", SettingText, 260))
+ if (IniReadSettingByName(SectionId, "BackdropFillStyle", SettingText,
sizeof(SettingText)))
{
UiBackdropFillStyle = UiTextToFillStyle(SettingText);
}
- if (IniReadSettingByName(SectionId, "TitleBoxTextColor", SettingText, 260))
+ if (IniReadSettingByName(SectionId, "TitleBoxTextColor", SettingText,
sizeof(SettingText)))
{
UiTitleBoxFgColor = UiTextToColor(SettingText);
}
- if (IniReadSettingByName(SectionId, "TitleBoxColor", SettingText, 260))
+ if (IniReadSettingByName(SectionId, "TitleBoxColor", SettingText,
sizeof(SettingText)))
{
UiTitleBoxBgColor = UiTextToColor(SettingText);
}
- if (IniReadSettingByName(SectionId, "MessageBoxTextColor", SettingText,
260))
+ if (IniReadSettingByName(SectionId, "MessageBoxTextColor", SettingText,
sizeof(SettingText)))
{
UiMessageBoxFgColor = UiTextToColor(SettingText);
}
- if (IniReadSettingByName(SectionId, "MessageBoxColor", SettingText, 260))
+ if (IniReadSettingByName(SectionId, "MessageBoxColor", SettingText,
sizeof(SettingText)))
{
UiMessageBoxBgColor = UiTextToColor(SettingText);
}
- if (IniReadSettingByName(SectionId, "MenuTextColor", SettingText, 260))
+ if (IniReadSettingByName(SectionId, "MenuTextColor", SettingText,
sizeof(SettingText)))
{
UiMenuFgColor = UiTextToColor(SettingText);
}
- if (IniReadSettingByName(SectionId, "MenuColor", SettingText, 260))
+ if (IniReadSettingByName(SectionId, "MenuColor", SettingText,
sizeof(SettingText)))
{
UiMenuBgColor = UiTextToColor(SettingText);
}
- if (IniReadSettingByName(SectionId, "TextColor", SettingText, 260))
+ if (IniReadSettingByName(SectionId, "TextColor", SettingText,
sizeof(SettingText)))
{
UiTextColor = UiTextToColor(SettingText);
}
- if (IniReadSettingByName(SectionId, "SelectedTextColor", SettingText, 260))
+ if (IniReadSettingByName(SectionId, "SelectedTextColor", SettingText,
sizeof(SettingText)))
{
UiSelectedTextColor = UiTextToColor(SettingText);
}
- if (IniReadSettingByName(SectionId, "SelectedColor", SettingText, 260))
+ if (IniReadSettingByName(SectionId, "SelectedColor", SettingText,
sizeof(SettingText)))
{
UiSelectedTextBgColor = UiTextToColor(SettingText);
}
- if (IniReadSettingByName(SectionId, "EditBoxTextColor", SettingText, 260))
+ if (IniReadSettingByName(SectionId, "EditBoxTextColor", SettingText,
sizeof(SettingText)))
{
UiEditBoxTextColor = UiTextToColor(SettingText);
}
- if (IniReadSettingByName(SectionId, "EditBoxColor", SettingText, 260))
+ if (IniReadSettingByName(SectionId, "EditBoxColor", SettingText,
sizeof(SettingText)))
{
UiEditBoxBgColor = UiTextToColor(SettingText);
}
- if (IniReadSettingByName(SectionId, "SpecialEffects", SettingText, 260))
+ if (IniReadSettingByName(SectionId, "SpecialEffects", SettingText,
sizeof(SettingText)))
{
if (_stricmp(SettingText, "Yes") == 0 && strlen(SettingText) == 3)
{
@@ -171,7 +171,7 @@
UiUseSpecialEffects = FALSE;
}
}
- if (IniReadSettingByName(SectionId, "ShowTime", SettingText, 260))
+ if (IniReadSettingByName(SectionId, "ShowTime", SettingText,
sizeof(SettingText)))
{
if (_stricmp(SettingText, "Yes") == 0 && strlen(SettingText) == 3)
{
@@ -182,7 +182,7 @@
UiDrawTime = FALSE;
}
}
- if (IniReadSettingByName(SectionId, "MinimalUI", SettingText, 260))
+ if (IniReadSettingByName(SectionId, "MinimalUI", SettingText,
sizeof(SettingText)))
{
if (_stricmp(SettingText, "Yes") == 0 && strlen(SettingText) == 3)
{
@@ -193,7 +193,7 @@
UiMinimal = FALSE;
}
}
- if (IniReadSettingByName(SectionId, "MenuBox", SettingText, 260))
+ if (IniReadSettingByName(SectionId, "MenuBox", SettingText,
sizeof(SettingText)))
{
if (_stricmp(SettingText, "Yes") == 0 && strlen(SettingText) == 3)
{
@@ -204,7 +204,7 @@
UiMenuBox = FALSE;
}
}
- if (IniReadSettingByName(SectionId, "CenterMenu", SettingText, 260))
+ if (IniReadSettingByName(SectionId, "CenterMenu", SettingText,
sizeof(SettingText)))
{
if (_stricmp(SettingText, "Yes") == 0 && strlen(SettingText) == 3)
{
@@ -595,7 +595,7 @@
//
for (Idx=0; Idx<IniGetNumSectionItems(SectionId); Idx++)
{
- IniReadSettingByNumber(SectionId, Idx, SettingName, 79, SettingValue, 79);
+ IniReadSettingByNumber(SectionId, Idx, SettingName, sizeof(SettingName), SettingValue,
sizeof(SettingValue));
if (_stricmp(SettingName, "MessageBox") == 0)
{
@@ -610,7 +610,7 @@
if (MessageBoxText)
{
// Get the MessageBox text
- IniReadSettingByNumber(SectionId, Idx, SettingName, 80, MessageBoxText,
MessageBoxTextSize);
+ IniReadSettingByNumber(SectionId, Idx, SettingName, sizeof(SettingName),
MessageBoxText, MessageBoxTextSize);
// Fix it up
UiEscapeString(MessageBoxText);
6536
days inactive
6536
days old
0 comments
1 participants
participants (1)
-
fireball@svn.reactos.org