diff options
-rw-r--r-- | ChangeLog | 8 | ||||
-rw-r--r-- | pthread_win32_attach_detach_np.c | 23 |
2 files changed, 26 insertions, 5 deletions
@@ -1,3 +1,11 @@ +2011-07-05 Ross Johnson <ross dot johnson at homemail dot com dot au>
+
+ * pthread_win32_attach_detach_np.c: Use strncat_s if available
+ to removei a compile warning; MingW supports this routine but we
+ continue to use strncat anyway there because it is secure if
+ given the correct parameters; fix strncat param 3 to avoid
+ buffer overrun exploitation potential.
+
2011-07-03 Ross Johnson <ross dot johnson at homemail dot com dot au>
* pthread_spin_unlock.c (EPERM): Return success if unlocking a lock
diff --git a/pthread_win32_attach_detach_np.c b/pthread_win32_attach_detach_np.c index d26a632..bfad450 100644 --- a/pthread_win32_attach_detach_np.c +++ b/pthread_win32_attach_detach_np.c @@ -45,7 +45,7 @@ static HINSTANCE ptw32_h_quserex; BOOL pthread_win32_process_attach_np () { - TCHAR WindowsSystemDirBuf[1024]; + TCHAR QuserExDLLPathBuf[1024]; BOOL result = TRUE; result = ptw32_processInitialize (); @@ -57,6 +57,9 @@ pthread_win32_process_attach_np () #if defined(__GNUC__) ptw32_features = 0; #else + /* + * This is obsolete now. + */ ptw32_features = PTW32_SYSTEM_INTERLOCKED_COMPARE_EXCHANGE; #endif @@ -67,12 +70,22 @@ pthread_win32_process_attach_np () * * This should take care of any security issues. */ - if(GetSystemDirectory(WindowsSystemDirBuf, sizeof(WindowsSystemDirBuf))) +#if defined(__GNUC__) || _MSC_VER < 1400 + if(GetSystemDirectory(QuserExDLLPathBuf, sizeof(QuserExDLLPathBuf))) + { + (void) strncat(QuserExDLLPathBuf, + "\\QUSEREX.DLL", + sizeof(QuserExDLLPathBuf) - strlen(QuserExDLLPathBuf) - 1); + ptw32_h_quserex = LoadLibrary(QuserExDLLPathBuf); + } +#else + /* strncat is secure - this is just to avoid a warning */ + if(GetSystemDirectory(QuserExDLLPathBuf, sizeof(QuserExDLLPathBuf)) && + 0 == strncat_s(QuserExDLLPathBuf, sizeof(QuserExDLLPathBuf), "\\QUSEREX.DLL", 12)) { - ptw32_h_quserex = LoadLibrary (TEXT (strncat(WindowsSystemDirBuf, - "\\QUSEREX.DLL", - sizeof(WindowsSystemDirBuf)))); + ptw32_h_quserex = LoadLibrary(QuserExDLLPathBuf); } +#endif if (ptw32_h_quserex != NULL) { |