Intravision/reactos
1
0
Fork 0
mirror of https://github.com/reactos/reactos.git synced 2025-08-05 17:12:57 +00:00
Code Issues Projects Releases Packages Wiki Activity

limit length of szValue to LF_FACESIZE to prevent a buffer overflow

Browse source 
initialize szValue

svn path=/trunk/; revision=30599
This commit is contained in:
Christoph von Wittich 2007-11-20 16:05:59 +00:00
parent 28b9cdca2f
commit 78be83f3a8
1 changed files with 2 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

4
reactos/subsystems/win32/csrss/win32csr/guiconsole.c
View file

@ -506,7 +506,7 @@ GuiConsoleReadUserSettings(HKEY hKey, PCSRSS_CONSOLE Console, PGUI_CONSOLE_DATA
DWORD dwValue; DWORD dwValue;
DWORD dwType; DWORD dwType;
WCHAR szValueName[MAX_PATH]; WCHAR szValueName[MAX_PATH];
WCHAR szValue[MAX_PATH]; WCHAR szValue[LF_FACESIZE] = L"\0";
DWORD Value; DWORD Value;
if (RegQueryInfoKey(hKey, NULL, NULL, NULL, NULL, NULL, NULL, &dwNumSubKeys, NULL, NULL, NULL, NULL) != ERROR_SUCCESS) if (RegQueryInfoKey(hKey, NULL, NULL, NULL, NULL, NULL, NULL, &dwNumSubKeys, NULL, NULL, NULL, NULL) != ERROR_SUCCESS)
@ -530,7 +530,7 @@ GuiConsoleReadUserSettings(HKEY hKey, PCSRSS_CONSOLE Console, PGUI_CONSOLE_DATA
* retry in case of string value * retry in case of string value
*/ */
dwValue = sizeof(szValue); dwValue = sizeof(szValue);
dwValueName = MAX_PATH; dwValueName = LF_FACESIZE;
if (RegEnumValueW(hKey, dwIndex, szValueName, &dwValueName, NULL, NULL, (BYTE*)szValue, &dwValue) != ERROR_SUCCESS) if (RegEnumValueW(hKey, dwIndex, szValueName, &dwValueName, NULL, NULL, (BYTE*)szValue, &dwValue) != ERROR_SUCCESS)
break; break;
} }