Re: [PATCH 2/2] msi: Use next cabinet from the media table instead of failing when there is a mismatch with continuous cabinet.
On Wed, 2013-05-01 at 12:40 +0200, Christian Costa wrote:
diff --git a/dlls/msi/media.c b/dlls/msi/media.c index 612624d..4145c76 100644 --- a/dlls/msi/media.c +++ b/dlls/msi/media.c @@ -358,8 +358,18 @@ static INT_PTR cabinet_next_cabinet(FDINOTIFICATIONTYPE fdint,
if (strcmpiW( mi->cabinet, cab )) {
ERR("Continuous cabinet does not match the next cabinet in the Media table\n");goto done;
LPSTR next_cab;WARN("Continuous cabinet %s does not match the next cabinet %s in the media table => use latter one\n", debugstr_w(cab), debugstr_w(mi->cabinet));/* Use cabinet name from the media table */next_cab = strdupWtoA(mi->cabinet);/* Modify path to cabinet file with full filename (psz3 points to a 256 bytes buffer that can be modified contrary to psz1 and psz2) */strcat(pfdin->psz3, "\\");strcat(pfdin->psz3, next_cab);/* Path psz3 and cabinet psz1 are concatenated by FDI so just reset psz1 */*pfdin->psz1 = 0;msi_free(next_cab);
The cabinet name alone can be up 256 characters so you should at least check that you're not overflowing the buffer.
Le 01/05/2013 14:34, Hans Leidekker a écrit :
On Wed, 2013-05-01 at 12:40 +0200, Christian Costa wrote:
diff --git a/dlls/msi/media.c b/dlls/msi/media.c index 612624d..4145c76 100644 --- a/dlls/msi/media.c +++ b/dlls/msi/media.c @@ -358,8 +358,18 @@ static INT_PTR cabinet_next_cabinet(FDINOTIFICATIONTYPE fdint,
if (strcmpiW( mi->cabinet, cab )) {
ERR("Continuous cabinet does not match the next cabinet in the Media table\n");goto done;
LPSTR next_cab;WARN("Continuous cabinet %s does not match the next cabinet %s in the media table => use latter one\n", debugstr_w(cab), debugstr_w(mi->cabinet));/* Use cabinet name from the media table */next_cab = strdupWtoA(mi->cabinet);/* Modify path to cabinet file with full filename (psz3 points to a 256 bytes buffer that can be modified contrary to psz1 and psz2) */strcat(pfdin->psz3, "\\");strcat(pfdin->psz3, next_cab);/* Path psz3 and cabinet psz1 are concatenated by FDI so just reset psz1 */*pfdin->psz1 = 0;msi_free(next_cab);The cabinet name alone can be up 256 characters so you should at least check that you're not overflowing the buffer.
Fixed. Thanks!
-
Christian Costa -
Hans Leidekker