Core ReactOS / CORE-13389

PATCH. Avoid JOBs overrunning in LoadJobs

Details

    • Bug
    • Resolution: Fixed
    • Major
    • 0.4.6
    • None

    Description

      pJobs->Name is defined as a 9 wchar string according to base/services/schedsvc/precomp.h.

      However, when we try to LoadJobs from the registry, szNameBuffer is defined as 32 and then we try to copy it into pJobs->Name, overrunning it.

      All these magic numbers (9, 32, ...) don't seem to make any sense.

      Anyway, since the Job is created with a maximum of 9 characters, it won't have more than 9 in the registry, so changing the 32 magic numbers accordingly. At least we won't corrupt memory anymore.

      PS: Why is JOB->Name 9 instead of MAX_PATH, as MSDN says, to begin with?

      https://msdn.microsoft.com/en-us/library/windows/desktop/ms682409(v=vs.85).aspx

      HANDLE WINAPI CreateJobObject

      lpName [in, optional]
      The name of the job. The name is limited to MAX_PATH characters. Name comparison is case-sensitive.
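
The size mismatch described in this report, as an added example that is not part of the original issue and is not ReactOS code: it measures how far an unchecked copy from a 32-element buffer would run past a 9-element field, and shows a copy bounded by the destination size instead of by what the registry is expected to hold. The `JOB` layout, the `JobId` field, the function names and the sample strings are assumptions; only the sizes 9 and 32 come from the report.

```c
#include <stddef.h>
#include <stdio.h>
#include <wchar.h>

#define JOB_NAME_LENGTH        9   /* size of the Name field cited in the report */
#define OLD_NAME_BUFFER_LENGTH 32  /* size of the read buffer cited in the report */

/* Hypothetical stand-in for the job record; only the Name size is from the report. */
typedef struct {
    wchar_t Name[JOB_NAME_LENGTH];
    unsigned long JobId;           /* assumed neighbour: what an overrun would hit */
} JOB;

/* Elements an unchecked wcscpy(job->Name, src) would write past Name. */
size_t overrun_wchars(const wchar_t *src)
{
    size_t needed = wcslen(src) + 1;          /* characters plus terminator */
    return needed > JOB_NAME_LENGTH ? needed - JOB_NAME_LENGTH : 0;
}

/* Bounded copy: 0 on success, -1 if src is not terminated within src_capacity,
 * -2 if the name does not fit in JOB.Name. job->Name is untouched on failure. */
int job_set_name(JOB *job, const wchar_t *src, size_t src_capacity)
{
    size_t len = 0;
    while (len < src_capacity && src[len] != L'\0')
        len++;
    if (len == src_capacity)
        return -1;
    if (len >= JOB_NAME_LENGTH)
        return -2;
    wmemcpy(job->Name, src, len + 1);
    return 0;
}

int main(void)
{
    /* Constructed sample: the longest string a 32-element buffer can hold. */
    wchar_t longest[OLD_NAME_BUFFER_LENGTH];
    JOB job = { L"", 0 };

    wmemset(longest, L'A', OLD_NAME_BUFFER_LENGTH - 1);
    longest[OLD_NAME_BUFFER_LENGTH - 1] = L'\0';

    printf("unchecked copy overruns by %zu wchar_t\n", overrun_wchars(longest));
    printf("checked copy returns %d\n", job_set_name(&job, longest, OLD_NAME_BUFFER_LENGTH));
    printf("8-character name returns %d\n", job_set_name(&job, L"00000001", 9));
    return 0;
}
```

Rejecting an over-long name, rather than relying on the stored value being short, keeps the copy safe even if the two size constants drift apart again.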

          People

            bug zilla Bug Zilla
            vicmarcal vicmarcal