[ROSAPPS][VGAFONTEDIT] String/Memory check
authorKatayama Hirofumi MZ <katayama.hirofumi.mz@gmail.com>
Thu, 20 Dec 2018 13:33:59 +0000 (22:33 +0900)
committerKatayama Hirofumi MZ <katayama.hirofumi.mz@gmail.com>
Thu, 20 Dec 2018 13:33:59 +0000 (22:33 +0900)
modules/rosapps/applications/devutils/vgafontedit/mainwnd.c
modules/rosapps/applications/devutils/vgafontedit/precomp.h

index fd70849..8057df5 100644 (file)
@@ -213,12 +213,19 @@ DoFileOpen(IN PMAIN_WND_INFO Info)
 
     OpenInfo = (PFONT_OPEN_INFO) HeapAlloc( hProcessHeap, HEAP_ZERO_MEMORY, sizeof(FONT_OPEN_INFO) );
     OpenInfo->pszFileName = HeapAlloc(hProcessHeap, 0, MAX_PATH);
-    OpenInfo->pszFileName[0] = 0;
+    if (OpenInfo->pszFileName)
+    {
+        OpenInfo->pszFileName[0] = 0;
 
-    if( DoOpenFile(OpenInfo->pszFileName) )
+        if (DoOpenFile(OpenInfo->pszFileName))
+        {
+            OpenInfo->bCreateNew = FALSE;
+            CreateFontWindow(Info, OpenInfo);
+        }
+    }
+    else
     {
-        OpenInfo->bCreateNew = FALSE;
-        CreateFontWindow(Info, OpenInfo);
+        MessageBoxW(Info->hMainWnd, L"Out of memory!", NULL, MB_ICONERROR);
     }
 }
 
@@ -229,10 +236,22 @@ MainWndOpenFile(IN PMAIN_WND_INFO Info, LPCWSTR File)
 
     OpenInfo = HeapAlloc(hProcessHeap, HEAP_ZERO_MEMORY, sizeof(FONT_OPEN_INFO));
     OpenInfo->pszFileName = HeapAlloc(hProcessHeap, 0, MAX_PATH);
-    lstrcpynW(OpenInfo->pszFileName, File, MAX_PATH);
-
-    OpenInfo->bCreateNew = FALSE;
-    CreateFontWindow(Info, OpenInfo);
+    if (OpenInfo->pszFileName)
+    {
+        if (StringCchCopyW(OpenInfo->pszFileName, MAX_PATH, File) == S_OK)
+        {
+            OpenInfo->bCreateNew = FALSE;
+            CreateFontWindow(Info, OpenInfo);
+        }
+        else
+        {
+            MessageBoxW(Info->hMainWnd, L"Pathname is too long!", NULL, MB_ICONERROR);
+        }
+    }
+    else
+    {
+        MessageBoxW(Info->hMainWnd, L"Out of memory!", NULL, MB_ICONERROR);
+    }
 }
 
 static VOID
index 7728310..94ac9dd 100644 (file)
@@ -11,6 +11,7 @@
 #include <windows.h>
 #include <windowsx.h>
 #include <commctrl.h>
+#include <strsafe.h>
 #include "resource.h"
 #include "customwndclasses.h"