Rooba
/
boinc
mirror of https://github.com/BOINC/boinc.git
1
0
Fork 0
Code Issues 1 Packages Projects Releases Wiki Activity
boinc/clientgui/msw
History
Dmitry Tsarevich 04e00b1eb9 Fix potential buffer overflow in lstrcpyn 
"iMaxLength

Type: int

The number of TCHAR values to be copied from the string pointed to by lpString2 into the buffer pointed to by lpString1, including a terminating null character.
"

"If the buffer pointed to by lpString1 is not large enough to contain the copied string, a buffer overrun can occur. When copying an entire string, note that sizeof returns the number of bytes. For example, if lpString1 points to a buffer szString1 which is declared as TCHAR szString[100], then sizeof(szString1) gives the size of the buffer in bytes rather than WCHAR, which could lead to a buffer overflow for the Unicode version of the function.
...
Using sizeof(szString1)/sizeof(szString1[0]) gives the proper size of the buffer."

See https://docs.microsoft.com/en-us/windows/win32/api/winbase/nf-winbase-lstrcpynw#security-warning
 		2020-04-24 19:16:53 +03:00
..
taskbarex.cpp Fix potential buffer overflow in lstrcpyn 2020-04-24 19:16:53 +03:00
taskbarex.h - MGR: Fix references to the taskbar events which are now included 2013-03-06 16:14:16 +01:00