Get rid from bogus SearchPathW() call, which is marked as most likely not needed in the comment above (by Wine). Simply get a length of the file name and use the file name directly instead, with checking for its validity too. Similarly as it's done for other cases.
That call seems actually not needed because it is already done using SearchPathW() in another parts of the code in this file, before calling SHELL_ArgifyW().
Fixes another heap corruption when trying to login via OAuth menthod in SpotifyXP 2.0.3 Beta (nightly build). The previous commit did not fix the bug fully, as I discovered it later.
CORE-19953
static BOOL SHELL_ArgifyW(WCHAR* out, DWORD len, const WCHAR* fmt, const WCHAR* lpFile, LPITEMIDLIST pidl, LPCWSTR args, DWORD* out_len, const WCHAR* lpDir)
{
- WCHAR xlpFile[1024];
BOOL done = FALSE;
BOOL found_p1 = FALSE;
PWSTR res = out;
- PCWSTR cmd;
DWORD used = 0;
bool tildeEffect = false;
break;
case '1':
- if (!done || (*fmt == '1'))
+ if ((!done || (*fmt == '1')) && lpFile)
{
- /*FIXME Is the call to SearchPathW() really needed? We already have separated out the parameter string in args. */
- if (SearchPathW(lpDir, lpFile, L".exe", ARRAY_SIZE(xlpFile), xlpFile, NULL))
- cmd = xlpFile;
- else
- cmd = lpFile;
-
- SIZE_T cmdlen = wcslen(cmd);
- used += cmdlen;
+ SIZE_T filelen = wcslen(lpFile);
+ used += filelen;
if (used < len)
{
- wcscpy(res, cmd);
- res += cmdlen;
+ wcscpy(res, lpFile);
+ res += filelen;
}
}
found_p1 = TRUE;