From 48d81f845dd294d71f21d3312a5a16c426c4904e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Bi=C8=99oc=20George?= <fraizeraust99@gmail.com>
Date: Mon, 18 Nov 2019 21:25:51 +0100
Subject: [PATCH] [OSK] Validate the registry value data on query (#2050)

Ensure that the value data we query on loading the registry configuration settings matches with its data size
---
 base/applications/osk/settings.c | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/base/applications/osk/settings.c b/base/applications/osk/settings.c
index b1bcb210f96..1f4d9c94800 100644
--- a/base/applications/osk/settings.c
+++ b/base/applications/osk/settings.c
@@ -16,7 +16,7 @@ BOOL LoadDataFromRegistry(VOID)
     HKEY hKey;
     LONG lResult;
     DWORD dwValue;
-    DWORD cbData = sizeof(DWORD);
+    DWORD cbData = sizeof(dwValue);
 
     /* Initialize the registry application settings */
     Globals.bShowWarning = TRUE;
@@ -49,7 +49,7 @@ BOOL LoadDataFromRegistry(VOID)
                                (BYTE *)&dwValue,
                                &cbData);
 
-    if (lResult != ERROR_SUCCESS)
+    if (lResult != ERROR_SUCCESS || cbData != sizeof(dwValue))
     {
         /* Bail out and return FALSE if we fail */
         RegCloseKey(hKey);
@@ -67,7 +67,7 @@ BOOL LoadDataFromRegistry(VOID)
                                (BYTE *)&dwValue,
                                &cbData);
 
-    if (lResult != ERROR_SUCCESS)
+    if (lResult != ERROR_SUCCESS || cbData != sizeof(dwValue))
     {
         /* Bail out and return FALSE if we fail */
         RegCloseKey(hKey);
@@ -85,7 +85,7 @@ BOOL LoadDataFromRegistry(VOID)
                                (BYTE *)&dwValue,
                                &cbData);
 
-    if (lResult != ERROR_SUCCESS)
+    if (lResult != ERROR_SUCCESS || cbData != sizeof(dwValue))
     {
         /* Bail out and return FALSE if we fail */
         RegCloseKey(hKey);
@@ -103,7 +103,7 @@ BOOL LoadDataFromRegistry(VOID)
                                (BYTE *)&dwValue,
                                &cbData);
 
-    if (lResult != ERROR_SUCCESS)
+    if (lResult != ERROR_SUCCESS || cbData != sizeof(dwValue))
     {
         /* Bail out and return FALSE if we fail */
         RegCloseKey(hKey);
@@ -120,7 +120,7 @@ BOOL LoadDataFromRegistry(VOID)
                                (BYTE *)&dwValue,
                                &cbData);
 
-    if (lResult != ERROR_SUCCESS)
+    if (lResult != ERROR_SUCCESS || cbData != sizeof(dwValue))
     {
         /* Bail out and return FALSE if we fail */
         RegCloseKey(hKey);
@@ -137,7 +137,7 @@ BOOL LoadDataFromRegistry(VOID)
                                (BYTE *)&dwValue,
                                &cbData);
 
-    if (lResult != ERROR_SUCCESS)
+    if (lResult != ERROR_SUCCESS || cbData != sizeof(dwValue))
     {
         /* Bail out and return FALSE if we fail */
         RegCloseKey(hKey);