https://git.reactos.org/?p=reactos.git;a=commitdiff;h=136fabd357f973fa3f446… commit 136fabd357f973fa3f4465804728a14fc1aea025 Author: Samuel Serapion <samuel.serapion(a)gmail.com> AuthorDate: Fri Oct 20 11:03:07 2017 -0400 [CRT] Use MAX_PATH for buffer meant to contain an arbitrary path The cFileName member of WIN32_FIND_DATA is an array of MAX_PATH(260). Using strcpy/wcscpy with the target buffer being smaller is potentially bad. Corresponds to CID 1401198 and 1401195. --- sdk/lib/crt/misc/getargs.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/sdk/lib/crt/misc/getargs.c b/sdk/lib/crt/misc/getargs.c index df20bb227c..1a8cf0fb9e 100644 --- a/sdk/lib/crt/misc/getargs.c +++ b/sdk/lib/crt/misc/getargs.c @@ -70,7 +70,7 @@ int wexpand(wchar_t* name, int expand_wildcards) WIN32_FIND_DATAW fd; HANDLE hFile; BOOLEAN first = TRUE; - wchar_t buffer[256]; + wchar_t buffer[MAX_PATH]; uintptr_t pos; if (expand_wildcards && (s = wcspbrk(name, L"*?"))) @@ -135,7 +135,7 @@ int aexpand(char* name, int expand_wildcards) WIN32_FIND_DATAA fd; HANDLE hFile; BOOLEAN first = TRUE; - char buffer[256]; + char buffer[MAX_PATH]; uintptr_t pos; if (expand_wildcards && (s = strpbrk(name, "*?")))