projects / reactos.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 56a5ebe)
[CONSRV]
authorHermès Bélusca-Maïto <hermes.belusca-maito@reactos.org>
Mon, 28 Apr 2014 19:50:27 +0000 (19:50 +0000)
committerHermès Bélusca-Maïto <hermes.belusca-maito@reactos.org>
Mon, 28 Apr 2014 19:50:27 +0000 (19:50 +0000)
- Fix dereferencing potential NULL pointers in ConDrvReadConsole() and ConDrvChangeScreenBufferAttributes();
- Fix a wcsncat in ConSrvOpenUserSettings()
Patches by Victor Martinez Calvo
CORE-8122 CORE-8123 #resolve #comment Fixed in revision 63035, cheers ;)

svn path=/trunk/; revision=63035

reactos/win32ss/user/winsrv/consrv/condrv/coninput.c patch | blob | history
reactos/win32ss/user/winsrv/consrv/condrv/text.c patch | blob | history
reactos/win32ss/user/winsrv/consrv/settings.c patch | blob | history

diff --git a/reactos/win32ss/user/winsrv/consrv/condrv/coninput.c b/reactos/win32ss/user/winsrv/consrv/condrv/coninput.c
index 27c6b36..afd6a64 100644 (file)
--- a/reactos/win32ss/user/winsrv/consrv/condrv/coninput.c
+++ b/reactos/win32ss/user/winsrv/consrv/condrv/coninput.c
@@ -246,7 +246,7 @@ ConDrvReadConsole(IN PCONSOLE Console,
     NTSTATUS Status = STATUS_PENDING;
     PLIST_ENTRY CurrentEntry;
     ConsoleInput *Input;
-    ULONG i = ReadControl->nInitialChars;
+    ULONG i;
 
     if (Console == NULL || InputBuffer == NULL || /* Buffer == NULL  || */
         ReadControl == NULL || ReadControl->nLength != sizeof(CONSOLE_READCONSOLE_CONTROL))
@@ -261,6 +261,8 @@ ConDrvReadConsole(IN PCONSOLE Console,
 
     /* We haven't read anything (yet) */
 
+    i = ReadControl->nInitialChars;
+
     if (InputBuffer->Mode & ENABLE_LINE_INPUT)
     {
         if (Console->LineBuffer == NULL)
diff --git a/reactos/win32ss/user/winsrv/consrv/condrv/text.c b/reactos/win32ss/user/winsrv/consrv/condrv/text.c
index da6459d..d44c9b3 100644 (file)
--- a/reactos/win32ss/user/winsrv/consrv/condrv/text.c
+++ b/reactos/win32ss/user/winsrv/consrv/condrv/text.c
@@ -595,8 +595,8 @@ ConDrvChangeScreenBufferAttributes(IN PCONSOLE Console,
     PCHAR_INFO Ptr;
 
     COORD  TopLeft = {0};
-    ULONG  NumCodesToWrite = Buffer->ScreenBufferSize.X * Buffer->ScreenBufferSize.Y;
-    USHORT OldScreenAttrib = Buffer->ScreenDefaultAttrib;
+    ULONG  NumCodesToWrite;
+    USHORT OldScreenAttrib;
 
     if (Console == NULL || Buffer == NULL)
     {
@@ -606,9 +606,13 @@ ConDrvChangeScreenBufferAttributes(IN PCONSOLE Console,
     /* Validity check */
     ASSERT(Console == Buffer->Header.Console);
 
+    NumCodesToWrite = Buffer->ScreenBufferSize.X * Buffer->ScreenBufferSize.Y;
+    OldScreenAttrib = Buffer->ScreenDefaultAttrib;
+
     X = TopLeft.X;
     Y = (TopLeft.Y + Buffer->VirtualY) % Buffer->ScreenBufferSize.Y;
     Length = NumCodesToWrite;
+
     // Ptr = ConioCoordToPointer(Buffer, X, Y); // Doesn't work
     // Ptr = &Buffer->Buffer[X + Y * Buffer->ScreenBufferSize.X]; // May work
 
diff --git a/reactos/win32ss/user/winsrv/consrv/settings.c b/reactos/win32ss/user/winsrv/consrv/settings.c
index ec7042a..e1ea885 100644 (file)
--- a/reactos/win32ss/user/winsrv/consrv/settings.c
+++ b/reactos/win32ss/user/winsrv/consrv/settings.c
@@ -156,7 +156,7 @@ ConSrvOpenUserSettings(DWORD ProcessId,
     TranslateConsoleName(szBuffer2, ConsoleTitle, MAX_PATH);
 
     /* Create the registry path */
-    wcsncat(szBuffer, szBuffer2, MAX_PATH);
+    wcsncat(szBuffer, szBuffer2, MAX_PATH - wcslen(szBuffer) - 1);
 
     /* Create or open the registry key */
     if (bCreate)
A free Windows-compatible Operating System