diff options
| -rw-r--r-- | ChangeLog | 8 | ||||
| -rw-r--r-- | pthread_win32_attach_detach_np.c | 23 | 
2 files changed, 26 insertions, 5 deletions
| @@ -1,3 +1,11 @@ +2011-07-05  Ross Johnson <ross dot johnson at homemail dot com dot au>
 +
 +	* pthread_win32_attach_detach_np.c: Use strncat_s if available
 +	to removei a compile warning; MingW supports this routine but we
 +	continue to use strncat anyway there because it is secure if
 +	given the correct parameters; fix strncat param 3 to avoid
 +	buffer overrun exploitation potential.
 +
  2011-07-03  Ross Johnson <ross dot johnson at homemail dot com dot au>
  	* pthread_spin_unlock.c (EPERM): Return success if unlocking a lock
 diff --git a/pthread_win32_attach_detach_np.c b/pthread_win32_attach_detach_np.c index d26a632..bfad450 100644 --- a/pthread_win32_attach_detach_np.c +++ b/pthread_win32_attach_detach_np.c @@ -45,7 +45,7 @@ static HINSTANCE ptw32_h_quserex;  BOOL  pthread_win32_process_attach_np ()  { -  TCHAR WindowsSystemDirBuf[1024]; +  TCHAR QuserExDLLPathBuf[1024];    BOOL result = TRUE;    result = ptw32_processInitialize (); @@ -57,6 +57,9 @@ pthread_win32_process_attach_np ()  #if defined(__GNUC__)    ptw32_features = 0;  #else +  /* +   * This is obsolete now. +   */    ptw32_features = PTW32_SYSTEM_INTERLOCKED_COMPARE_EXCHANGE;  #endif @@ -67,12 +70,22 @@ pthread_win32_process_attach_np ()     *     * This should take care of any security issues.     */ -  if(GetSystemDirectory(WindowsSystemDirBuf, sizeof(WindowsSystemDirBuf))) +#if defined(__GNUC__) || _MSC_VER < 1400 +  if(GetSystemDirectory(QuserExDLLPathBuf, sizeof(QuserExDLLPathBuf))) +  { +    (void) strncat(QuserExDLLPathBuf, +                   "\\QUSEREX.DLL", +                   sizeof(QuserExDLLPathBuf) - strlen(QuserExDLLPathBuf) - 1); +    ptw32_h_quserex = LoadLibrary(QuserExDLLPathBuf); +  } +#else +  /* strncat is secure - this is just to avoid a warning */ +  if(GetSystemDirectory(QuserExDLLPathBuf, sizeof(QuserExDLLPathBuf)) && +     0 == strncat_s(QuserExDLLPathBuf, sizeof(QuserExDLLPathBuf), "\\QUSEREX.DLL", 12))    { -    ptw32_h_quserex = LoadLibrary (TEXT (strncat(WindowsSystemDirBuf, -                                                 "\\QUSEREX.DLL", -                                                 sizeof(WindowsSystemDirBuf)))); +    ptw32_h_quserex = LoadLibrary(QuserExDLLPathBuf);    } +#endif    if (ptw32_h_quserex != NULL)      { | 
