[PATCH v2 0/1] MR8260: kernel32/tests: Fix out-of-bound read in test_CreateFileA.
We check for patterns in test file names, but we failed to account for empty and short names. -- v2: kernel32/tests: Fix out-of-bound read in test_CreateFileA. https://gitlab.winehq.org/wine/wine/-/merge_requests/8260
From: Yuxuan Shui <yshui(a)codeweavers.com> We check for patterns in test file names, but we failed to account for empty and short names. --- dlls/kernel32/tests/file.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/dlls/kernel32/tests/file.c b/dlls/kernel32/tests/file.c index cf0c40d5cd6..db3ffc655ce 100644 --- a/dlls/kernel32/tests/file.c +++ b/dlls/kernel32/tests/file.c @@ -1365,12 +1365,12 @@ static void test_CreateFileA(void) { filename[0] = 0; /* update the drive id in the table entry with the current one */ - if (p[i].file[1] == ':') + if (strlen(p[i].file) > 1 && p[i].file[1] == ':') { strcpy(filename, p[i].file); filename[0] = windowsdir[0]; } - else if (p[i].file[0] == '\\' && p[i].file[5] == ':') + else if (strlen(p[i].file) > 5 && p[i].file[0] == '\\' && p[i].file[5] == ':') { strcpy(filename, p[i].file); filename[4] = windowsdir[0]; -- GitLab https://gitlab.winehq.org/wine/wine/-/merge_requests/8260
On Mon Jun 9 21:10:31 2025 +0000, Nikolay Sivov wrote:
It looks like it's enough to use strlen on it. updated
-- https://gitlab.winehq.org/wine/wine/-/merge_requests/8260#note_105938
participants (2)
-
Yuxuan Shui -
Yuxuan Shui (@yshui)