If the length of wszApplicationName exceeds 1024, it will cause an error when writing to the subsequent stack space after exceeding the wcmd space, Wcmd needs to be modified to dynamic allocation.
Signed-off-by: Jiajin Cui cuijiajin@uniontech.com
From: Jiajin Cui cuijiajin@uniontech.com
If the length of wszApplicationName exceeds 1024, it will cause an error when writing to the subsequent stack space after exceeding the wcmd space, Wcmd needs to be modified to dynamic allocation.
Signed-off-by: Jiajin Cui cuijiajin@uniontech.com --- dlls/shell32/shlexec.c | 8 ++++++++ 1 file changed, 8 insertions(+)
diff --git a/dlls/shell32/shlexec.c b/dlls/shell32/shlexec.c index da2b5fdc2b0..43e965ca7d5 100644 --- a/dlls/shell32/shlexec.c +++ b/dlls/shell32/shlexec.c @@ -1764,6 +1764,14 @@ static BOOL SHELL_execute( LPSHELLEXECUTEINFOW sei, SHELL_ExecuteW32 execfunc ) TRACE("execute:%s,%s,%s\n", debugstr_w(wszApplicationName), debugstr_w(wszParameters), debugstr_w(wszDir)); lpFile = sei_tmp.lpFile; wcmd = wcmdBuffer; + len = lstrlenW(wszApplicationName) + 3; + if (sei_tmp.lpParameters[0]) + len += 1 + lstrlenW(wszParameters); + if (len > wcmdLen) + { + wcmd = heap_alloc(len * sizeof(WCHAR)); + wcmdLen = len; + } lstrcpyW(wcmd, wszApplicationName); if (sei_tmp.lpDirectory) {
It would be a good idea to add a test case to show real windows behavior when command line length exceeds MAX_PATH. You can look at https://gitlab.winehq.org/wine/wine/-/merge_requests/2383.
On Mon Jun 26 07:24:05 2023 +0000, eric pouech wrote:
It would be a good idea to add a test case to show real windows behavior when command line length exceeds MAX_PATH. You can look at https://gitlab.winehq.org/wine/wine/-/merge_requests/2383.
Thank you, I'll add a bit of test cases
-
eric pouech (@epo) -
Jiajin Cui
-
Jiajin Cui (@jin-king1)