https://bugs.winehq.org/show_bug.cgi?id=40742
Bug ID: 40742
Summary: cmd.exe: buffer overflow while parsing qualifiers
Product: Wine
Version: 1.9.11
Hardware: x86
OS: Linux
Status: UNCONFIRMED
Severity: normal
Priority: P2
Component: cmd
Assignee: wine-bugs@winehq.org
Reporter: jbb.rose@yahoo.com
Distribution: ---

Created attachment 54646 --> https://bugs.winehq.org/attachment.cgi?id=54646
Batch file which triggers the problem

WCMD_parse() copies command qualifiers into the quals[] array. The array is MAX_PATH (260) characters long, but the input command can be up to MAXSTRING (8192) characters long. This can lead to buffer overflows and crashes if a command has many qualifiers.
The attached try.bat file, taken from an actual command generated by a cross-build system, reliably crashes wine 1.9.11 as built on SLES11SP2.
Increasing the size of quals[] to MAXSTRING characters fixes the problem.
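
The size mismatch described in the report, as an added C example that is not part of the original report and is not Wine's code: a bounds-checked qualifier copy that rejects input exceeding a MAX_PATH-sized buffer and accepts the same input in a MAXSTRING-sized one. Assumptions: `collect_quals` and `demo` are hypothetical names, the tokenizer is simplified (quoting is ignored), and the `cl /Idir...` command line is constructed sample input.

```c
#include <stdio.h>
#include <string.h>

#define MAX_PATH  260    /* size of quals[] given in the report */
#define MAXSTRING 8192   /* maximum command length given in the report */

/* Hypothetical helper, not Wine's WCMD_parse(): append each "/qualifier"
 * token of cmd to quals without writing more than quals_len characters.
 * Returns the number of characters stored, or -1 if they do not fit. */
long collect_quals(const char *cmd, char *quals, size_t quals_len)
{
    size_t used = 0;

    if (quals_len == 0) return -1;
    quals[0] = '\0';
    while (*cmd) {
        if (*cmd != '/') { cmd++; continue; }
        size_t n = 1;                      /* length of this qualifier */
        while (cmd[n] && cmd[n] != ' ' && cmd[n] != '\t' && cmd[n] != '/') n++;
        if (n >= quals_len - used)         /* no room for token plus NUL */
            return -1;                     /* reject instead of overflowing */
        memcpy(quals + used, cmd, n);
        used += n;
        quals[used] = '\0';
        cmd += n;
    }
    return (long)used;
}

/* Constructed input: "cl" followed by `count` 8-character qualifiers,
 * collected into a buffer limited to quals_len (<= MAXSTRING) characters. */
long demo(size_t quals_len, int count)
{
    static char cmd[MAXSTRING], quals[MAXSTRING];
    size_t used = (size_t)snprintf(cmd, sizeof cmd, "cl");

    for (int i = 0; i < count && used + 16 < sizeof cmd; i++)
        used += (size_t)snprintf(cmd + used, sizeof cmd - used, " /Idir%03d", i);
    return collect_quals(cmd, quals, quals_len);
}

int main(void)
{
    printf("MAX_PATH buffer:  %ld\n", demo(MAX_PATH, 100));
    printf("MAXSTRING buffer: %ld\n", demo(MAXSTRING, 100));
    return 0;
}
```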