Added patch to avoid buffer overflow in mono print handler for large strings.

Sebastian Lackner 2016-04-29 23:14:35 +02:00
parent 8d2cdec699
commit 88054b7a21
3 changed files with 50 additions and 0 deletions


@ -0,0 +1,33 @@
From 11da1a0af07594aebccad786e536a05a74888d04 Mon Sep 17 00:00:00 2001
From: Sebastian Lackner <sebastian@fds-team.de>
Date: Fri, 29 Apr 2016 17:55:43 +0200
Subject: mscoree: Avoid buffer overflow when mono print handler returns huge
string at once.
Signed-off-by: Sebastian Lackner <sebastian@fds-team.de>
---
dlls/mscoree/metahost.c | 8 +++++++-
1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/dlls/mscoree/metahost.c b/dlls/mscoree/metahost.c
index 252740d..30b9739 100644
--- a/dlls/mscoree/metahost.c
+++ b/dlls/mscoree/metahost.c
@@ -272,7 +272,13 @@ static void CDECL mono_shutdown_callback_fn(MonoProfiler *prof)
static void CDECL mono_print_handler_fn(const char *string, INT is_stdout)
{
- wine_dbg_printf("%s", string);
+ const char *p;
+ for (; *string; string = p)
+ {
+ if ((p = strstr(string, "\n"))) p++;
+ else p = string + strlen(string);
+ wine_dbg_printf("%.*s", (int)(p - string), string);
+ }
}
static HRESULT CLRRuntimeInfo_GetRuntimeHost(CLRRuntimeInfo *This, RuntimeHost **result)
--
2.8.0
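Review bot: The loop in mono_print_handler_fn bounds each wine_dbg_printf call only by the distance to the next '\n', so a single long line with no newline is still passed in one call. The overflow named in the subject line can presumably still be reached that way, though the capacity of the debug buffer is not visible in this hunk. Capping the chunk length before the call would close that case, e.g. `if (p - string > MAX_CHUNK) p = string + MAX_CHUNK;`, where MAX_CHUNK is a placeholder for a value below that capacity. The same cap keeps the `(int)(p - string)` precision from truncating or going negative on very large inputs. As a smaller point, `strchr(string, '\n')` states the single-character search more directly than `strstr(string, "\n")`.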


@ -0,0 +1 @@
Fixes: Avoid buffer overflow in mono print handler for large strings


@ -185,6 +185,7 @@ patch_enable_all ()
enable_mmsystem_dll16_MIDIHDR_Refcount="$1"
enable_mountmgr_DosDevices="$1"
enable_mpr_WNetGetUniversalNameW="$1"
enable_mscoree_Buffer_Overflow="$1"
enable_mscoree_CorValidateImage="$1"
enable_mshtml_HTMLLocation_put_hash="$1"
enable_msidb_Implementation="$1"
@ -722,6 +723,9 @@ patch_enable ()
mpr-WNetGetUniversalNameW)
enable_mpr_WNetGetUniversalNameW="$2"
;;
mscoree-Buffer_Overflow)
enable_mscoree_Buffer_Overflow="$2"
;;
mscoree-CorValidateImage)
enable_mscoree_CorValidateImage="$2"
;;
@ -4340,6 +4344,18 @@ if test "$enable_mpr_WNetGetUniversalNameW" -eq 1; then
) >> "$patchlist"
fi
# Patchset mscoree-Buffer_Overflow
# |
# | Modified files:
# | * dlls/mscoree/metahost.c
# |
if test "$enable_mscoree_Buffer_Overflow" -eq 1; then
patch_apply mscoree-Buffer_Overflow/0001-mscoree-Avoid-buffer-overflow-when-mono-print-handle.patch
(
echo '+ { "Sebastian Lackner", "mscoree: Avoid buffer overflow when mono print handler returns huge string at once.", 1 },';
) >> "$patchlist"
fi
# Patchset mscoree-CorValidateImage
# |
# | This patchset fixes the following Wine bugs: