diff options
author | Corinna Vinschen <corinna@vinschen.de> | 2014-06-23 15:43:33 +0400 |
---|---|---|
committer | Corinna Vinschen <corinna@vinschen.de> | 2014-06-23 15:43:33 +0400 |
commit | 9c54570beb5a3681bc744fe574d659b8255055a0 (patch) | |
tree | 2e4c7dbe50a7e9d238e31c341fdc82a5aa7ed777 | |
parent | 686f560ece247fdff45feff6c6efd0520db0d4ca (diff) |
* environ.cc (regopt): Allocate small local buffer to avoid copying
twice. Fixes resource leak (CID 60012). Add comment.
-rw-r--r-- | winsup/cygwin/ChangeLog | 5 | ||||
-rw-r--r-- | winsup/cygwin/environ.cc | 14 |
2 files changed, 12 insertions, 7 deletions
diff --git a/winsup/cygwin/ChangeLog b/winsup/cygwin/ChangeLog index ab98ebc7d..4d478d6e7 100644 --- a/winsup/cygwin/ChangeLog +++ b/winsup/cygwin/ChangeLog @@ -1,5 +1,10 @@ 2014-06-23 Corinna Vinschen <corinna@vinschen.de> + * environ.cc (regopt): Allocate small local buffer to avoid copying + twice. Fixes resource leak (CID 60012). Add comment. + +2014-06-23 Corinna Vinschen <corinna@vinschen.de> + * dll_init.cc (dll_list::alloc): Fix buffer overrun (CID 59940). 2014-06-23 Corinna Vinschen <corinna@vinschen.de> diff --git a/winsup/cygwin/environ.cc b/winsup/cygwin/environ.cc index a53b5f085..f56d19517 100644 --- a/winsup/cygwin/environ.cc +++ b/winsup/cygwin/environ.cc @@ -780,11 +780,15 @@ ucenv (char *p, const char *eq) /* Set options from the registry. */ static bool __stdcall -regopt (const WCHAR *name, char *buf) +regopt (PCWSTR name, char *buf) { bool parsed_something = false; UNICODE_STRING lname; size_t len = (wcslen(name) + 1) * sizeof (WCHAR); + WCHAR lbuf[1024]; /* Use reasonable size to lower stack pressure. + get_string alloca's this additionally and 1024 + is more than enough for CYGWIN env var values. */ + RtlInitEmptyUnicodeString(&lname, (PWCHAR) alloca (len), len); wcscpy(lname.Buffer, name); RtlDowncaseUnicodeString(&lname, &lname, FALSE); @@ -792,13 +796,9 @@ regopt (const WCHAR *name, char *buf) for (int i = 0; i < 2; i++) { reg_key r (i, KEY_READ, _WIDE (CYGWIN_INFO_PROGRAM_OPTIONS_NAME), NULL); - - if (NT_SUCCESS (r.get_string (lname.Buffer, (PWCHAR) buf, - NT_MAX_PATH, L""))) + if (NT_SUCCESS (r.get_string (lname.Buffer, lbuf, 1024, L""))) { - char *newp; - sys_wcstombs_alloc(&newp, HEAP_NOTHEAP, (PWCHAR) buf); - strcpy(buf, newp); + sys_wcstombs (buf, NT_MAX_PATH, lbuf); parse_options (buf); parsed_something = true; break; |