http://bugs.winehq.org/show_bug.cgi?id=59868 Bug ID: 59868 Summary: cmd: Allowance for buffer overflow in del command implementation Product: Wine Version: 11.10 Hardware: x86-64 OS: Linux Status: UNCONFIRMED Severity: normal Priority: P2 Component: cmd Assignee: wine-bugs@list.winehq.org Reporter: barathrk11@gmail.com Distribution: --- While working on another part of the programs/cmd/builtins.c file, I noticed this particular snippet: static BOOL WCMD_delete_one (const WCHAR *thisArg) { DWORD wanted_attrs; DWORD unwanted_attrs; BOOL found = FALSE; /* MAX_PATH = 260 */ WCHAR argCopy[MAX_PATH]; WIN32_FIND_DATAW fd; HANDLE hff; WCHAR fpath[MAX_PATH]; WCHAR *p; BOOL handleParm = TRUE; WCMD_delete_parse_attributes(&wanted_attrs, &unwanted_attrs); /* Blind copy */ lstrcpyW(argCopy, thisArg); WINE_TRACE("del: Processing arg %s (quals:%s)\n", wine_dbgstr_w(argCopy), wine_dbgstr_w(quals)); if (!WCMD_delete_confirm_wildcard(argCopy, &found)) { /* Skip this arg if user declines to delete *.* */ return FALSE; } /* First, try to delete in the current directory */ hff = FindFirstFileW(argCopy, &fd); ... -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.