Commit 7c523f48 authored by Paul Gofman's avatar Paul Gofman Committed by Alexandre Julliard

kernelbase: Fix string size variable overflow in GetModuleFileNameW().

parent 20fb14bf
...@@ -190,6 +190,11 @@ static void testGetModuleFileName(const char* name) ...@@ -190,6 +190,11 @@ static void testGetModuleFileName(const char* name)
ok(len1A / 2 == len2A, ok(len1A / 2 == len2A,
"Correct length in GetModuleFilenameA with buffer too small (%d/%d)\n", len1A / 2, len2A); "Correct length in GetModuleFilenameA with buffer too small (%d/%d)\n", len1A / 2, len2A);
len1A = GetModuleFileNameA(hMod, bufA, 0x10000);
ok(len1A > 0, "Getting module filename for handle %p\n", hMod);
len1W = GetModuleFileNameW(hMod, bufW, 0x10000);
ok(len1W > 0, "Getting module filename for handle %p\n", hMod);
} }
static void testGetModuleFileName_Wrong(void) static void testGetModuleFileName_Wrong(void)
......
...@@ -311,7 +311,7 @@ DWORD WINAPI DECLSPEC_HOTPATCH GetModuleFileNameW( HMODULE module, LPWSTR filena ...@@ -311,7 +311,7 @@ DWORD WINAPI DECLSPEC_HOTPATCH GetModuleFileNameW( HMODULE module, LPWSTR filena
} }
name.Buffer = filename; name.Buffer = filename;
name.MaximumLength = size * sizeof(WCHAR); name.MaximumLength = min( size, UNICODE_STRING_MAX_CHARS ) * sizeof(WCHAR);
status = LdrGetDllFullName( module, &name ); status = LdrGetDllFullName( module, &name );
if (!status || status == STATUS_BUFFER_TOO_SMALL) len = name.Length / sizeof(WCHAR); if (!status || status == STATUS_BUFFER_TOO_SMALL) len = name.Length / sizeof(WCHAR);
SetLastError( RtlNtStatusToDosError( status )); SetLastError( RtlNtStatusToDosError( status ));
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment