[fireball] 24837: Dmitry G. Gorbachev: Fix possible buffer overflow in FreeLdr See issue #1881 for more details.
Author: fireball Date: Sun Nov 26 16:37:50 2006 New Revision: 24837
URL: http://svn.reactos.org/svn/reactos?rev=24837&view=rev Log: Dmitry G. Gorbachev: Fix possible buffer overflow in FreeLdr See issue #1881 for more details.
Modified: trunk/reactos/boot/freeldr/freeldr/bootmgr.c trunk/reactos/boot/freeldr/freeldr/drivemap.c trunk/reactos/boot/freeldr/freeldr/linuxboot.c trunk/reactos/boot/freeldr/freeldr/miscboot.c trunk/reactos/boot/freeldr/freeldr/oslist.c trunk/reactos/boot/freeldr/freeldr/reactos/reactos.c trunk/reactos/boot/freeldr/freeldr/ui/ui.c
Modified: trunk/reactos/boot/freeldr/freeldr/bootmgr.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/boot/freeldr/freeldr/bootmg... ============================================================================== --- trunk/reactos/boot/freeldr/freeldr/bootmgr.c (original) +++ trunk/reactos/boot/freeldr/freeldr/bootmgr.c Sun Nov 26 16:37:50 2006 @@ -111,7 +111,7 @@ }
// Try to read the boot type - if (!IniReadSettingByName(SectionId, "BootType", SettingValue, 80)) + if (!IniReadSettingByName(SectionId, "BootType", SettingValue, sizeof(SettingValue))) { sprintf(SettingName, "BootType= line not found in section [%s] in freeldr.ini.\n", OperatingSystemSectionNames[SelectedOperatingSystem]); UiMessageBox(SettingName); @@ -180,7 +180,7 @@ DefaultOSName = CmdLineGetDefaultOS(); if (NULL == DefaultOSName) { - if (IniReadSettingByName(SectionId, "DefaultOS", DefaultOSText, 80)) + if (IniReadSettingByName(SectionId, "DefaultOS", DefaultOSText, sizeof(DefaultOSText))) { DefaultOSName = DefaultOSText; } @@ -218,7 +218,7 @@ return -1; }
- if (IniReadSettingByName(SectionId, "TimeOut", TimeOutText, 20)) + if (IniReadSettingByName(SectionId, "TimeOut", TimeOutText, sizeof(TimeOutText))) { TimeOut = atoi(TimeOutText); }
Modified: trunk/reactos/boot/freeldr/freeldr/drivemap.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/boot/freeldr/freeldr/drivem... ============================================================================== --- trunk/reactos/boot/freeldr/freeldr/drivemap.c (original) +++ trunk/reactos/boot/freeldr/freeldr/drivemap.c Sun Nov 26 16:37:50 2006 @@ -54,7 +54,7 @@ for (Index=0; Index<SectionItemCount; Index++) { // Get the next setting from the .ini file section - if (IniReadSettingByNumber(SectionId, Index, SettingName, 80, SettingValue, 80)) + if (IniReadSettingByNumber(SectionId, Index, SettingName, sizeof(SettingName), SettingValue, sizeof(SettingValue))) { if (_stricmp(SettingName, "DriveMap") == 0) {
Modified: trunk/reactos/boot/freeldr/freeldr/linuxboot.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/boot/freeldr/freeldr/linuxb... ============================================================================== --- trunk/reactos/boot/freeldr/freeldr/linuxboot.c (original) +++ trunk/reactos/boot/freeldr/freeldr/linuxboot.c Sun Nov 26 16:37:50 2006 @@ -233,27 +233,27 @@ return FALSE; }
- if (!IniReadSettingByName(SectionId, "BootPath", LinuxBootPath, 260)) + if (!IniReadSettingByName(SectionId, "BootPath", LinuxBootPath, sizeof(LinuxBootPath))) { UiMessageBox("Boot path not specified for selected OS!"); return FALSE; }
// Get the kernel name - if (!IniReadSettingByName(SectionId, "Kernel", LinuxKernelName, 260)) + if (!IniReadSettingByName(SectionId, "Kernel", LinuxKernelName, sizeof(LinuxKernelName))) { UiMessageBox("Linux kernel filename not specified for selected OS!"); return FALSE; }
// Get the initrd name - if (IniReadSettingByName(SectionId, "Initrd", LinuxInitrdName, 260)) + if (IniReadSettingByName(SectionId, "Initrd", LinuxInitrdName, sizeof(LinuxInitrdName))) { LinuxHasInitrd = TRUE; }
// Get the command line - if (IniReadSettingByName(SectionId, "CommandLine", LinuxCommandLine, 260)) + if (IniReadSettingByName(SectionId, "CommandLine", LinuxCommandLine, sizeof(LinuxCommandLine))) { RemoveQuotes(LinuxCommandLine); LinuxCommandLineSize = strlen(LinuxCommandLine) + 1;
Modified: trunk/reactos/boot/freeldr/freeldr/miscboot.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/boot/freeldr/freeldr/miscbo... ============================================================================== --- trunk/reactos/boot/freeldr/freeldr/miscboot.c (original) +++ trunk/reactos/boot/freeldr/freeldr/miscboot.c Sun Nov 26 16:37:50 2006 @@ -38,7 +38,7 @@ return; }
- if (!IniReadSettingByName(SectionId, "BootSectorFile", FileName, 260)) + if (!IniReadSettingByName(SectionId, "BootSectorFile", FileName, sizeof(FileName))) { UiMessageBox("Boot sector file not specified for selected OS!"); return; @@ -111,7 +111,7 @@ }
// Read the boot drive - if (!IniReadSettingByName(SectionId, "BootDrive", SettingValue, 80)) + if (!IniReadSettingByName(SectionId, "BootDrive", SettingValue, sizeof(SettingValue))) { UiMessageBox("Boot drive not specified for selected OS!"); return; @@ -120,7 +120,7 @@ DriveNumber = DriveMapGetBiosDriveNumber(SettingValue);
// Read the boot partition - if (!IniReadSettingByName(SectionId, "BootPartition", SettingValue, 80)) + if (!IniReadSettingByName(SectionId, "BootPartition", SettingValue, sizeof(SettingValue))) { UiMessageBox("Boot partition not specified for selected OS!"); return; @@ -179,7 +179,7 @@ return; }
- if (!IniReadSettingByName(SectionId, "BootDrive", SettingValue, 80)) + if (!IniReadSettingByName(SectionId, "BootDrive", SettingValue, sizeof(SettingValue))) { UiMessageBox("Boot drive not specified for selected OS!"); return;
Modified: trunk/reactos/boot/freeldr/freeldr/oslist.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/boot/freeldr/freeldr/oslist... ============================================================================== --- trunk/reactos/boot/freeldr/freeldr/oslist.c (original) +++ trunk/reactos/boot/freeldr/freeldr/oslist.c Sun Nov 26 16:37:50 2006 @@ -58,7 +58,7 @@ CurrentOperatingSystemIndex = 0; for (Idx=0; Idx<SectionSettingCount; Idx++) { - IniReadSettingByNumber(SectionId, Idx, SettingName, 260, SettingValue, 260); + IniReadSettingByNumber(SectionId, Idx, SettingName, sizeof(SettingName), SettingValue, sizeof(SettingValue));
if (IniOpenSection(SettingName, &OperatingSystemSectionId)) { @@ -94,7 +94,7 @@ SectionSettingCount = IniGetNumSectionItems(SectionId); for (Idx=0; Idx<SectionSettingCount; Idx++) { - IniReadSettingByNumber(SectionId, Idx, SettingName, 260, SettingValue, 260); + IniReadSettingByNumber(SectionId, Idx, SettingName, sizeof(SettingName), SettingValue, sizeof(SettingValue));
if (IniOpenSection(SettingName, NULL)) {
Modified: trunk/reactos/boot/freeldr/freeldr/reactos/reactos.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/boot/freeldr/freeldr/reacto... ============================================================================== --- trunk/reactos/boot/freeldr/freeldr/reactos/reactos.c (original) +++ trunk/reactos/boot/freeldr/freeldr/reactos/reactos.c Sun Nov 26 16:37:50 2006 @@ -758,7 +758,7 @@ /* * Read the optional kernel parameters (if any) */ - if (IniReadSettingByName(SectionId, "Options", value, 1024)) + if (IniReadSettingByName(SectionId, "Options", value, sizeof(value))) { strcat(reactos_kernel_cmdline, " "); strcat(reactos_kernel_cmdline, value); @@ -795,7 +795,7 @@ * Find the kernel image name * and try to load the kernel off the disk */ - if(IniReadSettingByName(SectionId, "Kernel", value, 1024)) + if(IniReadSettingByName(SectionId, "Kernel", value, sizeof(value))) { /* * Set the name and @@ -823,7 +823,7 @@ * Find the HAL image name * and try to load the kernel off the disk */ - if(IniReadSettingByName(SectionId, "Hal", value, 1024)) + if(IniReadSettingByName(SectionId, "Hal", value, sizeof(value))) { /* * Set the name and
Modified: trunk/reactos/boot/freeldr/freeldr/ui/ui.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/boot/freeldr/freeldr/ui/ui.... ============================================================================== --- trunk/reactos/boot/freeldr/freeldr/ui/ui.c (original) +++ trunk/reactos/boot/freeldr/freeldr/ui/ui.c Sun Nov 26 16:37:50 2006 @@ -83,84 +83,84 @@ DisplayModeText[0] = '\0'; if (IniOpenSection("Display", &SectionId)) { - if (! IniReadSettingByName(SectionId, "DisplayMode", DisplayModeText, 260)) + if (! IniReadSettingByName(SectionId, "DisplayMode", DisplayModeText, sizeof(DisplayModeText))) { DisplayModeText[0] = '\0'; }
- if (IniReadSettingByName(SectionId, "TitleText", SettingText, 260)) + if (IniReadSettingByName(SectionId, "TitleText", SettingText, sizeof(SettingText))) { strcpy(UiTitleBoxTitleText, SettingText); } - if (IniReadSettingByName(SectionId, "TimeText", SettingText, 260)) + if (IniReadSettingByName(SectionId, "TimeText", SettingText, sizeof(SettingText))) { strcpy(UiTimeText, SettingText); } - if (IniReadSettingByName(SectionId, "StatusBarColor", SettingText, 260)) + if (IniReadSettingByName(SectionId, "StatusBarColor", SettingText, sizeof(SettingText))) { UiStatusBarBgColor = UiTextToColor(SettingText); } - if (IniReadSettingByName(SectionId, "StatusBarTextColor", SettingText, 260)) + if (IniReadSettingByName(SectionId, "StatusBarTextColor", SettingText, sizeof(SettingText))) { UiStatusBarFgColor = UiTextToColor(SettingText); } - if (IniReadSettingByName(SectionId, "BackdropTextColor", SettingText, 260)) + if (IniReadSettingByName(SectionId, "BackdropTextColor", SettingText, sizeof(SettingText))) { UiBackdropFgColor = UiTextToColor(SettingText); } - if (IniReadSettingByName(SectionId, "BackdropColor", SettingText, 260)) + if (IniReadSettingByName(SectionId, "BackdropColor", SettingText, sizeof(SettingText))) { UiBackdropBgColor = UiTextToColor(SettingText); } - if (IniReadSettingByName(SectionId, "BackdropFillStyle", SettingText, 260)) + if (IniReadSettingByName(SectionId, "BackdropFillStyle", SettingText, sizeof(SettingText))) { UiBackdropFillStyle = UiTextToFillStyle(SettingText); } - if (IniReadSettingByName(SectionId, "TitleBoxTextColor", SettingText, 260)) + if (IniReadSettingByName(SectionId, "TitleBoxTextColor", SettingText, sizeof(SettingText))) { UiTitleBoxFgColor = UiTextToColor(SettingText); } - if (IniReadSettingByName(SectionId, "TitleBoxColor", SettingText, 260)) + if (IniReadSettingByName(SectionId, "TitleBoxColor", SettingText, sizeof(SettingText))) { UiTitleBoxBgColor = UiTextToColor(SettingText); } - if (IniReadSettingByName(SectionId, "MessageBoxTextColor", SettingText, 260)) + if (IniReadSettingByName(SectionId, "MessageBoxTextColor", SettingText, sizeof(SettingText))) { UiMessageBoxFgColor = UiTextToColor(SettingText); } - if (IniReadSettingByName(SectionId, "MessageBoxColor", SettingText, 260)) + if (IniReadSettingByName(SectionId, "MessageBoxColor", SettingText, sizeof(SettingText))) { UiMessageBoxBgColor = UiTextToColor(SettingText); } - if (IniReadSettingByName(SectionId, "MenuTextColor", SettingText, 260)) + if (IniReadSettingByName(SectionId, "MenuTextColor", SettingText, sizeof(SettingText))) { UiMenuFgColor = UiTextToColor(SettingText); } - if (IniReadSettingByName(SectionId, "MenuColor", SettingText, 260)) + if (IniReadSettingByName(SectionId, "MenuColor", SettingText, sizeof(SettingText))) { UiMenuBgColor = UiTextToColor(SettingText); } - if (IniReadSettingByName(SectionId, "TextColor", SettingText, 260)) + if (IniReadSettingByName(SectionId, "TextColor", SettingText, sizeof(SettingText))) { UiTextColor = UiTextToColor(SettingText); } - if (IniReadSettingByName(SectionId, "SelectedTextColor", SettingText, 260)) + if (IniReadSettingByName(SectionId, "SelectedTextColor", SettingText, sizeof(SettingText))) { UiSelectedTextColor = UiTextToColor(SettingText); } - if (IniReadSettingByName(SectionId, "SelectedColor", SettingText, 260)) + if (IniReadSettingByName(SectionId, "SelectedColor", SettingText, sizeof(SettingText))) { UiSelectedTextBgColor = UiTextToColor(SettingText); } - if (IniReadSettingByName(SectionId, "EditBoxTextColor", SettingText, 260)) + if (IniReadSettingByName(SectionId, "EditBoxTextColor", SettingText, sizeof(SettingText))) { UiEditBoxTextColor = UiTextToColor(SettingText); } - if (IniReadSettingByName(SectionId, "EditBoxColor", SettingText, 260)) + if (IniReadSettingByName(SectionId, "EditBoxColor", SettingText, sizeof(SettingText))) { UiEditBoxBgColor = UiTextToColor(SettingText); } - if (IniReadSettingByName(SectionId, "SpecialEffects", SettingText, 260)) + if (IniReadSettingByName(SectionId, "SpecialEffects", SettingText, sizeof(SettingText))) { if (_stricmp(SettingText, "Yes") == 0 && strlen(SettingText) == 3) { @@ -171,7 +171,7 @@ UiUseSpecialEffects = FALSE; } } - if (IniReadSettingByName(SectionId, "ShowTime", SettingText, 260)) + if (IniReadSettingByName(SectionId, "ShowTime", SettingText, sizeof(SettingText))) { if (_stricmp(SettingText, "Yes") == 0 && strlen(SettingText) == 3) { @@ -182,7 +182,7 @@ UiDrawTime = FALSE; } } - if (IniReadSettingByName(SectionId, "MinimalUI", SettingText, 260)) + if (IniReadSettingByName(SectionId, "MinimalUI", SettingText, sizeof(SettingText))) { if (_stricmp(SettingText, "Yes") == 0 && strlen(SettingText) == 3) { @@ -193,7 +193,7 @@ UiMinimal = FALSE; } } - if (IniReadSettingByName(SectionId, "MenuBox", SettingText, 260)) + if (IniReadSettingByName(SectionId, "MenuBox", SettingText, sizeof(SettingText))) { if (_stricmp(SettingText, "Yes") == 0 && strlen(SettingText) == 3) { @@ -204,7 +204,7 @@ UiMenuBox = FALSE; } } - if (IniReadSettingByName(SectionId, "CenterMenu", SettingText, 260)) + if (IniReadSettingByName(SectionId, "CenterMenu", SettingText, sizeof(SettingText))) { if (_stricmp(SettingText, "Yes") == 0 && strlen(SettingText) == 3) { @@ -595,7 +595,7 @@ // for (Idx=0; Idx<IniGetNumSectionItems(SectionId); Idx++) { - IniReadSettingByNumber(SectionId, Idx, SettingName, 79, SettingValue, 79); + IniReadSettingByNumber(SectionId, Idx, SettingName, sizeof(SettingName), SettingValue, sizeof(SettingValue));
if (_stricmp(SettingName, "MessageBox") == 0) { @@ -610,7 +610,7 @@ if (MessageBoxText) { // Get the MessageBox text - IniReadSettingByNumber(SectionId, Idx, SettingName, 80, MessageBoxText, MessageBoxTextSize); + IniReadSettingByNumber(SectionId, Idx, SettingName, sizeof(SettingName), MessageBoxText, MessageBoxTextSize);
// Fix it up UiEscapeString(MessageBoxText);
-
fireball@svn.reactos.org