git://git.iain.cx/iain
/
nssm.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
|
inline
| side by side (parent:
95640f3
)
Fixed buffer overflow in GUI browse().
author
Iain Patterson
<me@iain.cx>
Mon, 6 Mar 2017 11:48:18 +0000
(11:48 +0000)
committer
Iain Patterson
<me@iain.cx>
Mon, 6 Mar 2017 11:48:18 +0000
(11:48 +0000)
Thanks Connor Reynolds.
README.txt
patch
|
blob
|
history
gui.cpp
patch
|
blob
|
history
diff --git
a/README.txt
b/README.txt
index
e6d3d50
..
eaecac2
100644
(file)
--- a/
README.txt
+++ b/
README.txt
@@
-1043,6
+1043,7
@@
Thanks to Nicolas Ducrocq for suggesting timestamping redirected output.
Thanks to Meang Akira Tanaka for suggestion and initial implementation of
\r
the statuscode command.
\r
Thanks to Kirill Kovalenko for reporting a crash with NANO server.
\r
Thanks to Meang Akira Tanaka for suggestion and initial implementation of
\r
the statuscode command.
\r
Thanks to Kirill Kovalenko for reporting a crash with NANO server.
\r
+Thanks to Connor Reynolds for spotting a potential buffer overflow.
\r
\r
Licence
\r
-------
\r
\r
Licence
\r
-------
\r
diff --git
a/gui.cpp
b/gui.cpp
index
9c4d712
..
5aaa932
100644
(file)
--- a/
gui.cpp
+++ b/
gui.cpp
@@
-924,7
+924,7
@@
void browse(HWND window, TCHAR *current, unsigned long flags, ...) {
va_start(arg, flags);
\r
while (i = va_arg(arg, int)) {
\r
TCHAR *localised = message_string(i);
\r
va_start(arg, flags);
\r
while (i = va_arg(arg, int)) {
\r
TCHAR *localised = message_string(i);
\r
- _sntprintf_s((TCHAR *) ofn.lpstrFilter + len, bufsize, _TRUNCATE, localised);
\r
+ _sntprintf_s((TCHAR *) ofn.lpstrFilter + len, bufsize
- len
, _TRUNCATE, localised);
\r
len += _tcslen(localised) + 1;
\r
LocalFree(localised);
\r
TCHAR *filter = browse_filter(i);
\r
len += _tcslen(localised) + 1;
\r
LocalFree(localised);
\r
TCHAR *filter = browse_filter(i);
\r