Module: wine Branch: master Commit: 451aff9ae54c0817a33e205df1c144d3b8bd0942 URL: http://source.winehq.org/git/wine.git/?a=commit;h=451aff9ae54c0817a33e205df1...
Author: James Hawkins jhawkins@codeweavers.com Date: Thu Oct 9 00:54:04 2008 -0500
msi: Add extra constraints on the formatting string of edit path text.
---
dlls/msi/dialog.c | 9 +++++++-- 1 files changed, 7 insertions(+), 2 deletions(-)
diff --git a/dlls/msi/dialog.c b/dlls/msi/dialog.c index add7876..799aa48 100644 --- a/dlls/msi/dialog.c +++ b/dlls/msi/dialog.c @@ -1204,12 +1204,15 @@ static UINT msi_dialog_combo_control( msi_dialog *dialog, MSIRECORD *rec ) return ERROR_SUCCESS; }
+/* length of 2^32 + 1 */ +#define MAX_NUM_DIGITS 11 + static UINT msi_dialog_edit_control( msi_dialog *dialog, MSIRECORD *rec ) { msi_control *control; LPCWSTR prop, text; LPWSTR val, begin, end; - WCHAR num[10]; + WCHAR num[MAX_NUM_DIGITS]; DWORD limit;
control = msi_dialog_add_control( dialog, rec, szEdit, @@ -1222,7 +1225,9 @@ static UINT msi_dialog_edit_control( msi_dialog *dialog, MSIRECORD *rec ) begin = strchrW( text, '{' ); end = strchrW( text, '}' );
- if ( begin && end && end > begin ) + if ( begin && end && end > begin && + begin[0] >= '0' && begin[0] <= '9' && + end - begin < MAX_NUM_DIGITS) { lstrcpynW( num, begin + 1, end - begin ); limit = atolW( num );
-
Alexandre Julliard