From b83397a7653646e1c23512ba8be9f4ee07e2c0f4 Mon Sep 17 00:00:00 2001
From: rpj <rpj>
Date: Tue, 5 Jul 2011 02:02:35 +0000
Subject: Remove compile warning; fix bug

---
 ChangeLog                        |  8 ++++++++
 pthread_win32_attach_detach_np.c | 23 ++++++++++++++++++-----
 2 files changed, 26 insertions(+), 5 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index 0c56b3a..2d4139f 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,11 @@
+2011-07-05  Ross Johnson <ross dot johnson at homemail dot com dot au>
+
+	* pthread_win32_attach_detach_np.c: Use strncat_s if available
+	to removei a compile warning; MingW supports this routine but we
+	continue to use strncat anyway there because it is secure if
+	given the correct parameters; fix strncat param 3 to avoid
+	buffer overrun exploitation potential.
+
 2011-07-03  Ross Johnson <ross dot johnson at homemail dot com dot au>
 
 	* pthread_spin_unlock.c (EPERM): Return success if unlocking a lock
diff --git a/pthread_win32_attach_detach_np.c b/pthread_win32_attach_detach_np.c
index d26a632..bfad450 100644
--- a/pthread_win32_attach_detach_np.c
+++ b/pthread_win32_attach_detach_np.c
@@ -45,7 +45,7 @@ static HINSTANCE ptw32_h_quserex;
 BOOL
 pthread_win32_process_attach_np ()
 {
-  TCHAR WindowsSystemDirBuf[1024];
+  TCHAR QuserExDLLPathBuf[1024];
   BOOL result = TRUE;
 
   result = ptw32_processInitialize ();
@@ -57,6 +57,9 @@ pthread_win32_process_attach_np ()
 #if defined(__GNUC__)
   ptw32_features = 0;
 #else
+  /*
+   * This is obsolete now.
+   */
   ptw32_features = PTW32_SYSTEM_INTERLOCKED_COMPARE_EXCHANGE;
 #endif
 
@@ -67,12 +70,22 @@ pthread_win32_process_attach_np ()
    *
    * This should take care of any security issues.
    */
-  if(GetSystemDirectory(WindowsSystemDirBuf, sizeof(WindowsSystemDirBuf)))
+#if defined(__GNUC__) || _MSC_VER < 1400
+  if(GetSystemDirectory(QuserExDLLPathBuf, sizeof(QuserExDLLPathBuf)))
+  {
+    (void) strncat(QuserExDLLPathBuf,
+                   "\\QUSEREX.DLL",
+                   sizeof(QuserExDLLPathBuf) - strlen(QuserExDLLPathBuf) - 1);
+    ptw32_h_quserex = LoadLibrary(QuserExDLLPathBuf);
+  }
+#else
+  /* strncat is secure - this is just to avoid a warning */
+  if(GetSystemDirectory(QuserExDLLPathBuf, sizeof(QuserExDLLPathBuf)) &&
+     0 == strncat_s(QuserExDLLPathBuf, sizeof(QuserExDLLPathBuf), "\\QUSEREX.DLL", 12))
   {
-    ptw32_h_quserex = LoadLibrary (TEXT (strncat(WindowsSystemDirBuf,
-                                                 "\\QUSEREX.DLL",
-                                                 sizeof(WindowsSystemDirBuf))));
+    ptw32_h_quserex = LoadLibrary(QuserExDLLPathBuf);
   }
+#endif
 
   if (ptw32_h_quserex != NULL)
     {
-- 
cgit v1.2.3