[CMD] Use string-safe call to build the new console title (possibly truncated, we don't care), avoiding any buffer overflow. Caught by David Quintana.

2024-11-27 21:43:32 +08:00 · 2018-05-20 19:57:43 +02:00 · 2018-05-20 19:57:43 +02:00 · ddd03a8973
commit ddd03a8973
parent 7b618314c2
2 changed files with 4 additions and 1 deletions
--- a/base/shell/cmd/cmd.c
+++ b/base/shell/cmd/cmd.c
@ -382,7 +382,8 @@ Execute(LPTSTR Full, LPTSTR First, LPTSTR Rest, PARSED_COMMAND *Cmd)
    /* Save the original console title and build a new one */
    GetConsoleTitle(szWindowTitle, ARRAYSIZE(szWindowTitle));
    bTitleSet = FALSE;
-    _stprintf(szNewTitle, _T("%s - %s%s"), szWindowTitle, First, Rest);
+    StringCchPrintf(szNewTitle, ARRAYSIZE(szNewTitle),
+                    _T("%s - %s%s"), szWindowTitle, First, Rest);
    ConSetTitle(szNewTitle);

    /* check if this is a .BAT or .CMD file */
--- a/base/shell/cmd/precomp.h
+++ b/base/shell/cmd/precomp.h
@ -25,6 +25,8 @@
 #define NTOS_MODE_USER
 #include <ndk/rtlfuncs.h>

+#include <strsafe.h>
+
 #include <conutils.h>

 #include "resource.h"