Skip to content
Projects
Groups
Snippets
Help
This project
Loading...
Sign in / Register
Toggle navigation
W
wine-winehq
Project
Project
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Registry
Registry
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
wine
wine-winehq
Commits
a240abf1
Commit
a240abf1
authored
Jun 09, 2020
by
Alexandre Julliard
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
ntdll: Avoid overflowing the command line buffer.
Wine-Bug:
https://bugs.winehq.org/show_bug.cgi?id=49314
Signed-off-by:
Alexandre Julliard
<
julliard@winehq.org
>
parent
ff19f219
Hide whitespace changes
Inline
Side-by-side
Showing
1 changed file
with
7 additions
and
2 deletions
+7
-2
env.c
dlls/ntdll/env.c
+7
-2
No files found.
dlls/ntdll/env.c
View file @
a240abf1
...
...
@@ -811,8 +811,7 @@ static void build_command_line( WCHAR **argv, UNICODE_STRING *cmdline )
len
=
1
;
for
(
arg
=
argv
;
*
arg
;
arg
++
)
len
+=
3
+
2
*
wcslen
(
*
arg
);
cmdline
->
MaximumLength
=
len
*
sizeof
(
WCHAR
);
if
(
!
(
cmdline
->
Buffer
=
RtlAllocateHeap
(
GetProcessHeap
(),
0
,
cmdline
->
MaximumLength
)))
return
;
if
(
!
(
cmdline
->
Buffer
=
RtlAllocateHeap
(
GetProcessHeap
(),
0
,
len
*
sizeof
(
WCHAR
)
)))
return
;
p
=
cmdline
->
Buffer
;
for
(
arg
=
argv
;
*
arg
;
arg
++
)
...
...
@@ -858,7 +857,13 @@ static void build_command_line( WCHAR **argv, UNICODE_STRING *cmdline )
}
if
(
p
>
cmdline
->
Buffer
)
p
--
;
/* remove last space */
*
p
=
0
;
if
(
p
-
cmdline
->
Buffer
>=
32767
)
{
ERR
(
"command line too long (%u)
\n
"
,
(
DWORD
)(
p
-
cmdline
->
Buffer
)
);
NtTerminateProcess
(
GetCurrentProcess
(),
1
);
}
cmdline
->
Length
=
(
p
-
cmdline
->
Buffer
)
*
sizeof
(
WCHAR
);
cmdline
->
MaximumLength
=
cmdline
->
Length
+
sizeof
(
WCHAR
);
}
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment