r23781 by jghali - Fix potential buffer overrun in GS detection code on Windows

Mon, 11 May 2020 15:54:01 -0700 

Author: jghali
Date: Mon May 11 22:53:30 2020
New Revision: 23781

URL: http://scribus.net/websvn/listing.php?repname=Scribus&sc=1&rev=23781
Log:
Fix potential buffer overrun in GS detection code on Windows

Modified:
    trunk/Scribus/scribus/util_ghostscript.cpp

Modified: trunk/Scribus/scribus/util_ghostscript.cpp
URL: 
http://scribus.net/websvn/diff.php?repname=Scribus&rev=23781&path=/trunk/Scribus/scribus/util_ghostscript.cpp
==============================================================================
--- trunk/Scribus/scribus/util_ghostscript.cpp  (original)
+++ trunk/Scribus/scribus/util_ghostscript.cpp  Mon May 11 22:53:30 2020
@@ -349,13 +349,13 @@
        QMap<int, QString> gsVersions;
 #if defined _WIN32
        // Try to locate GhostScript thanks to the registry
-       DWORD size;
+       DWORD size, regVersionSize;
        HKEY hKey1, hKey2;
        DWORD regType = REG_SZ;
        REGSAM flags  = KEY_READ;
-       WCHAR regVersion[MAX_PATH];
-       WCHAR regPath[MAX_PATH];
-       WCHAR gsPath[MAX_PATH];
+       WCHAR regVersion[MAX_PATH] = {};
+       WCHAR regPath[MAX_PATH] = {};
+       WCHAR gsPath[MAX_PATH] = {};
        QString gsVersion, gsExeName, gsName;
 
        bool isWin64Api = false;
@@ -372,9 +372,9 @@
 
        if (RegOpenKeyExW(HKEY_LOCAL_MACHINE, (LPCWSTR) regKey.utf16(), 0, 
flags, &hKey1) == ERROR_SUCCESS)
        {
-               size = sizeof(regVersion) / sizeof(WCHAR) - 1;
+               regVersionSize = sizeof(regVersion) / sizeof(WCHAR) - 1;
                DWORD keyIndex = 0;
-               while (RegEnumKeyExW(hKey1, keyIndex, regVersion, &size, 
nullptr, nullptr, nullptr, nullptr) == ERROR_SUCCESS)
+               while (RegEnumKeyExW(hKey1, keyIndex, regVersion, 
&regVersionSize, nullptr, nullptr, nullptr, nullptr) == ERROR_SUCCESS)
                {
                        int gsNumericVer, gsMajor, gsMinor;
                        wcscpy(regPath, (const wchar_t*) regKey.utf16());
@@ -382,7 +382,7 @@
                        wcscat(regPath, regVersion);
                        if (RegOpenKeyExW(HKEY_LOCAL_MACHINE, regPath, 0, 
flags, &hKey2) == ERROR_SUCCESS)
                        {
-                               size = sizeof(gsPath) - 1;
+                               size = sizeof(gsPath) - 2;
                                if (RegQueryValueExW(hKey2, L"GS_DLL", 0, 
&regType, (LPBYTE) gsPath, &size) == ERROR_SUCCESS)
                                {
                                        // We now have GhostScript dll path, 
but we want gswin32c.exe


_______________________________________________
scribus-commit mailing list
[email protected]
http://lists.scribus.net/mailman/listinfo/scribus-commit

Reply via email to