Intravision/reactos
1
0
Fork 0
mirror of https://github.com/reactos/reactos.git synced 2025-08-04 00:05:44 +00:00
Code Issues Projects Releases Packages Wiki Activity

[VMWINST] Use StringCb{Copy,Cat} instead of wcs{cpy,cat} to ensure that no buffer overflows occur. CID 514272s and 515210. By Ricardo Hanke. CORE-9347

Browse source 
svn path=/trunk/; revision=66634
This commit is contained in:
Amine Khaldi 2015-03-09 20:50:42 +00:00
parent 8ffd0f2576
commit 6e781e624c
1 changed files with 8 additions and 7 deletions
Download patch file Download diff file Expand all files Collapse all files

15
reactos/base/setup/vmwinst/vmwinst.c
View file

@ -31,6 +31,7 @@
#include <winreg.h> #include <winreg.h>
#include <wingdi.h> #include <wingdi.h>
#include <winuser.h> #include <winuser.h>
#include <strsafe.h>
#include <newdev.h> #include <newdev.h>
#include <pseh/pseh2.h> #include <pseh/pseh2.h>
#include <debug.h> #include <debug.h>
@ -124,8 +125,8 @@ DoesFileExist(WCHAR *Path, WCHAR *File)
HANDLE FileHandle; HANDLE FileHandle;
FileName[0] = L'\0'; FileName[0] = L'\0';
wcscat(FileName, Path); StringCbCat(FileName, sizeof(FileName), Path);
wcscat(FileName, File); StringCbCat(FileName, sizeof(FileName), File);
FileHandle = CreateFile(FileName, GENERIC_READ, 0, NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL); FileHandle = CreateFile(FileName, GENERIC_READ, 0, NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL);
@ -495,8 +496,8 @@ InstInstallationThread(LPVOID lpParameter)
if(AbortInstall != 0) goto done; if(AbortInstall != 0) goto done;
PostMessage(hInstallationNotifyWnd, WM_INSTSTATUSUPDATE, IDS_COPYINGFILES, 0); PostMessage(hInstallationNotifyWnd, WM_INSTSTATUSUPDATE, IDS_COPYINGFILES, 0);
wcscpy(InfFileName, SrcPath); StringCbCopy(InfFileName, sizeof(InfFileName), SrcPath);
wcscat(InfFileName, L"vmx_svga.inf"); StringCbCat(InfFileName, sizeof(InfFileName), L"vmx_svga.inf");
DPRINT1("Calling UpdateDriverForPlugAndPlayDevices()\n"); DPRINT1("Calling UpdateDriverForPlugAndPlayDevices()\n");
if (!UpdateDriverForPlugAndPlayDevices( if (!UpdateDriverForPlugAndPlayDevices(
hInstallationNotifyWnd, hInstallationNotifyWnd,
@ -1071,11 +1072,11 @@ wWinMain(HINSTANCE hInstance,
lc += GetSystemDirectory(DestinationPath, MAX_PATH) - 1; lc += GetSystemDirectory(DestinationPath, MAX_PATH) - 1;
if(lc >= DestinationPath && *lc != L'\\') if(lc >= DestinationPath && *lc != L'\\')
{ {
wcscat(DestinationPath, L"\\"); StringCbCat(DestinationPath, sizeof(DestinationPath), L"\\");
} }
DestinationDriversPath[0] = L'\0'; DestinationDriversPath[0] = L'\0';
wcscat(DestinationDriversPath, DestinationPath); StringCbCat(DestinationDriversPath, sizeof(DestinationDriversPath), DestinationPath);
wcscat(DestinationDriversPath, L"drivers\\"); StringCbCat(DestinationDriversPath, sizeof(DestinationDriversPath), L"drivers\\");
SetCurrentDirectory(DestinationPath); SetCurrentDirectory(DestinationPath);