Intravision/reactos
1
0
Fork 0
mirror of https://github.com/reactos/reactos.git synced 2025-08-04 15:36:24 +00:00
Code Issues Projects Releases Packages Wiki Activity

[SYSSETUP]

Browse source 
* Computer name length is limited to 15 characters, not 63. Fixes possible buffer overflow
* Spotted by Victor Martinez

svn path=/trunk/; revision=51349
This commit is contained in:
Rafal Harabien 2011-04-15 14:29:14 +00:00
parent ae8ebc72e4
commit ce720bbf52
2 changed files with 3 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

2
reactos/dll/win32/syssetup/globals.h
View file

@ -43,7 +43,7 @@ typedef struct _SETUPDATA
WCHAR OwnerName[51];
WCHAR OwnerOrganization[51];
WCHAR ComputerName[MAX_COMPUTERNAME_LENGTH + 1]; /* max. 63 characters */
WCHAR ComputerName[MAX_COMPUTERNAME_LENGTH + 1]; /* max. 15 characters */
WCHAR AdminPassword[15]; /* max. 14 characters */
BOOL UnattendSetup;
BOOL DisableVmwInst;

4
reactos/dll/win32/syssetup/wizard.c
View file

@ -596,7 +596,7 @@ ComputerPageDlgProc(HWND hwndDlg,
SetDlgItemTextW(hwndDlg, IDC_COMPUTERNAME, ComputerName);
/* Set text limits */
SendDlgItemMessage(hwndDlg, IDC_COMPUTERNAME, EM_LIMITTEXT, 64, 0);
SendDlgItemMessage(hwndDlg, IDC_COMPUTERNAME, EM_LIMITTEXT, MAX_COMPUTERNAME_LENGTH, 0);
SendDlgItemMessage(hwndDlg, IDC_ADMINPASSWORD1, EM_LIMITTEXT, 14, 0);
SendDlgItemMessage(hwndDlg, IDC_ADMINPASSWORD2, EM_LIMITTEXT, 14, 0);
@ -630,7 +630,7 @@ ComputerPageDlgProc(HWND hwndDlg,
break;
case PSN_WIZNEXT:
if (GetDlgItemTextW(hwndDlg, IDC_COMPUTERNAME, ComputerName, 64) == 0)
if (0 == GetDlgItemTextW(hwndDlg, IDC_COMPUTERNAME, ComputerName, MAX_COMPUTERNAME_LENGTH + 1))
{
if (0 == LoadStringW(hDllInstance, IDS_WZD_COMPUTERNAME, EmptyComputerName,
sizeof(EmptyComputerName) / sizeof(EmptyComputerName[0])))