Intravision/reactos
1
0
Fork 0
mirror of https://github.com/reactos/reactos.git synced 2024-07-22 04:08:08 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix buffer overflow in InfpAddSection.

Browse source 
See issue #2516 for more details.

svn path=/trunk/; revision=28094
This commit is contained in:
Thomas Bluemel 2007-08-02 04:09:19 +00:00
parent 4932311395
commit 5a7f727906
2 changed files with 7 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
reactos/lib/inflib/infcore.c
View file

@ -181,7 +181,8 @@ InfpAddSection(PINFCACHE Cache,
}
/* Allocate and initialize the new section */
Size = sizeof(INFCACHESECTION) + (_tcslen (Name) * sizeof(TCHAR));
Size = FIELD_OFFSET(INFCACHESECTION,
Name[_tcslen (Name) + 1]);
Section = (PINFCACHESECTION)MALLOC (Size);
if (Section == NULL)
{
@ -285,7 +286,8 @@ InfpAddFieldToLine(PINFCACHELINE Line,
PINFCACHEFIELD Field;
ULONG Size;
Size = sizeof(INFCACHEFIELD) + (_tcslen(Data) * sizeof(TCHAR));
Size = FIELD_OFFSET(INFCACHEFIELD,
Data[_tcslen(Data) + 1]);
Field = (PINFCACHEFIELD)MALLOC(Size);
if (Field == NULL)
{

3
reactos/lib/inflib/infpriv.h
View file

@ -9,6 +9,9 @@
#ifndef INFPRIV_H_INCLUDED
#define INFPRIV_H_INCLUDED
#ifndef FIELD_OFFSET
#define FIELD_OFFSET(t,f) ((ptrdiff_t)&(((t*)0)->f))
#endif
#define INF_STATUS_INSUFFICIENT_RESOURCES (0xC000009A)
#define INF_STATUS_BAD_SECTION_NAME_LINE (0xC0700001)