We check for patterns in test file names, but we failed to account for empty and short names.
-- v2: kernel32/tests: Fix out-of-bound read in test_CreateFileA.
From: Yuxuan Shui yshui@codeweavers.com
We check for patterns in test file names, but we failed to account for empty and short names. --- dlls/kernel32/tests/file.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/dlls/kernel32/tests/file.c b/dlls/kernel32/tests/file.c index cf0c40d5cd6..db3ffc655ce 100644 --- a/dlls/kernel32/tests/file.c +++ b/dlls/kernel32/tests/file.c @@ -1365,12 +1365,12 @@ static void test_CreateFileA(void) { filename[0] = 0; /* update the drive id in the table entry with the current one */ - if (p[i].file[1] == ':') + if (strlen(p[i].file) > 1 && p[i].file[1] == ':') { strcpy(filename, p[i].file); filename[0] = windowsdir[0]; } - else if (p[i].file[0] == '\' && p[i].file[5] == ':') + else if (strlen(p[i].file) > 5 && p[i].file[0] == '\' && p[i].file[5] == ':') { strcpy(filename, p[i].file); filename[4] = windowsdir[0];
On Mon Jun 9 21:10:31 2025 +0000, Nikolay Sivov wrote:
It looks like it's enough to use strlen on it.
updated
-
Yuxuan Shui -
Yuxuan Shui (@yshui)