Core ReactOS: CORE-13389

PATCH. Avoid JOBs overrunning in LoadJobs


    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Fix Version/s: 0.4.6
    • Component/s: None
    • Labels:

      Description

      pJobs->Name is defined as a 9-wchar string according to base/services/schedsvc/precomp.h.

      However, when we try to LoadJobs from the registry, szNameBuffer is defined as 32, and then we try to copy it into pJobs->Name, overrunning it.

      All these magic numbers (9, 32, ...) don't seem to make any sense.

      Anyway, since the Job is created with a maximum of 9 characters, it won't have more than 9 in the registry, so I'm changing the 32 magic numbers accordingly. At least we won't corrupt memory anymore.

      PS: Why is JOB->Name 9 instead of MAX_PATH, as MSDN says, to begin with?

      https://msdn.microsoft.com/en-us/library/windows/desktop/ms682409(v=vs.85).aspx

      HANDLE WINAPI CreateJobObject

      lpName [in, optional]
      The name of the job. The name is limited to MAX_PATH characters. Name comparison is case-sensitive.
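      Added illustration of the defect described above (constructed code, not ReactOS's schedsvc source): a JOB whose Name field holds 9 wchars is filled from a 32-wchar registry key name buffer. Rather than shrinking the enumeration buffer as the patch does, this version length-checks the copy so an over-long key name is skipped instead of being written past the end of the struct; the sizes, the JOB layout and the sample key names are all assumptions.

```c
#include <stddef.h>
#include <string.h>
#include <wchar.h>

/* Sizes taken from the report; the struct layout itself is constructed. */
#define JOB_NAME_CHARS        9   /* pJobs->Name: 8 characters + terminator */
#define REG_NAME_BUFFER_CHARS 32  /* szNameBuffer used with RegEnumKeyExW   */

typedef struct _JOB {
    wchar_t      Name[JOB_NAME_CHARS];
    unsigned int JobId;
} JOB;

/* Copy a key name into job->Name only if it fits, terminator included.
   Returns 1 on success, 0 if the name would overrun Name (caller skips it). */
int job_set_name(JOB *job, const wchar_t *keyName)
{
    size_t len = 0;
    while (len < REG_NAME_BUFFER_CHARS && keyName[len] != L'\0')
        len++;
    if (len >= JOB_NAME_CHARS)          /* no room for the L'\0' */
        return 0;
    memcpy(job->Name, keyName, (len + 1) * sizeof(wchar_t));  /* len + 1 <= 9 */
    return 1;
}

/* Models the LoadJobs loop: keyNames stands in for the names RegEnumKeyExW
   would return one by one into a 32-wchar buffer (constructed input).
   Returns the number of jobs loaded; over-long names are skipped. */
int load_jobs(const wchar_t *const *keyNames, size_t count, JOB *out, size_t outCap)
{
    size_t loaded = 0;
    for (size_t i = 0; i < count && loaded < outCap; i++) {
        wchar_t szNameBuffer[REG_NAME_BUFFER_CHARS];
        /* Bounded fill of the enumeration buffer, as the registry API would do. */
        wcsncpy(szNameBuffer, keyNames[i], REG_NAME_BUFFER_CHARS - 1);
        szNameBuffer[REG_NAME_BUFFER_CHARS - 1] = L'\0';
        if (!job_set_name(&out[loaded], szNameBuffer))
            continue;                   /* 9+ characters: would overrun Name */
        out[loaded].JobId = (unsigned int)loaded;
        loaded++;
    }
    return (int)loaded;
}
```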

        People

        • Assignee: bug zilla Bug Zilla
        • Reporter: vicmarcal vicmarcal
        • Votes: 0
        • Watchers: 2