Intravision/reactos
1
0
Fork 0
mirror of https://github.com/reactos/reactos.git synced 2024-12-28 10:04:49 +00:00
Code Issues Projects Releases Packages Wiki Activity

[NTOS:KD] Fix buffer overflow for the signon in KdPortInitializeEx.

Browse source 
The built string can be:
°°Kernel Debugger: Serial port found: COM1 (Port 0x000003F8) BaudRate 115200°°°°
(with ° representing the \r and \n in the message)
and you can verify that this is more than 80 characters in total.
This commit is contained in:
Hermès Bélusca-Maïto 2023-04-04 03:03:42 +02:00
parent 641c89d834
commit dfc2cc4e42
No known key found for this signature in database
GPG key ID: 3B2539C65E7B93D0
1 changed files with 14 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

21
ntoskrnl/kd/i386/kdserial.c
View file

@ -106,15 +106,22 @@ KdPortInitializeEx(
else else
{ {
#ifndef NDEBUG #ifndef NDEBUG
CHAR buffer[80]; int Length;
CHAR Buffer[82];
/* Print message to blue screen */ /* Print message to blue screen */
sprintf(buffer, Length = snprintf(Buffer, sizeof(Buffer),
"\r\nKernel Debugger: Serial port found: COM%ld (Port 0x%p) BaudRate %ld\r\n\r\n", "\r\nKernel Debugger: Serial port found: COM%ld (Port 0x%p) BaudRate %ld\r\n\r\n",
ComPortNumber, ComPortNumber,
PortInformation->Address, PortInformation->Address,
PortInformation->BaudRate); PortInformation->BaudRate);
HalDisplayString(buffer); if (Length == -1)
{
/* Terminate it if we went over-board */
Buffer[sizeof(Buffer) - 1] = ANSI_NULL;
}
HalDisplayString(Buffer);
#endif /* NDEBUG */ #endif /* NDEBUG */
#if 0 #if 0