[ros-dev] [ros-diffs] [cfinck] 33571: Check if the GetWindowsDirectory call succeeded and use PathAppend to prevent a buffer overflow, when WinDir + "\regedit.exe" > MAX_PATH
Alex Ionescu
ionucu at videotron.ca
Sun May 18 13:28:50 CEST 2008
Last nitpick: if you can't get the windows directory, just
ShellExecute "regedit.exe" directly, as the code originally did --
this is the behavior on Windows, fyi.
On Sun, May 18, 2008 at 6:56 PM, <cfinck at svn.reactos.org> wrote:
> Author: cfinck
> Date: Sun May 18 05:56:31 2008
> New Revision: 33571
>
> URL: http://svn.reactos.org/svn/reactos?rev=33571&view=rev
> Log:
> Check if the GetWindowsDirectory call succeeded and use PathAppend to prevent a buffer overflow, when WinDir + "\regedit.exe" > MAX_PATH
>
> Modified:
> trunk/reactos/base/applications/regedt32/regedt32.c
>
> Modified: trunk/reactos/base/applications/regedt32/regedt32.c
> URL: http://svn.reactos.org/svn/reactos/trunk/reactos/base/applications/regedt32/regedt32.c?rev=33571&r1=33570&r2=33571&view=diff
> ==============================================================================
> --- trunk/reactos/base/applications/regedt32/regedt32.c [iso-8859-1] (original)
> +++ trunk/reactos/base/applications/regedt32/regedt32.c [iso-8859-1] Sun May 18 05:56:31 2008
> @@ -1,16 +1,18 @@
> #include <windows.h>
> #include <tchar.h>
> #include <shellapi.h>
> +#include <shlwapi.h>
>
> int WINAPI _tWinMain(HINSTANCE hCurInst, HINSTANCE hPrevInst,
> LPTSTR lpsCmdLine, int nCmdShow)
> {
> TCHAR szPath[MAX_PATH];
>
> - GetWindowsDirectory(szPath, MAX_PATH);
> - _tcscat(szPath, _T("\\regedit.exe"));
> -
> - ShellExecute(NULL, NULL, szPath, lpsCmdLine, NULL, nCmdShow);
> + if(GetWindowsDirectory(szPath, MAX_PATH))
> + {
> + PathAppend(szPath, _T("regedit.exe"));
> + ShellExecute(NULL, NULL, szPath, lpsCmdLine, NULL, nCmdShow);
> + }
>
> return 0;
> }
>
>
--
Best regards,
Alex Ionescu
More information about the Ros-dev
mailing list