Fix potential security issue with FormatMessage use

From MSDN:

Security Remarks
If this function is called without FORMAT_MESSAGE_IGNORE_INSERTS, the
Arguments parameter must contain enough parameters to satisfy all insertion
sequences in the message string, and they must be of the correct type.
Therefore, do not use untrusted or unknown message strings with inserts
enabled because they can contain more insertion sequences than Arguments
provides, or those that may be of the wrong type. In particular, it is
unsafe to take an arbitrary system error code returned from an API and use
FORMAT_MESSAGE_FROM_SYSTEM without FORMAT_MESSAGE_IGNORE_INSERTS.

(backport from master)
This commit is contained in:
Tracy Ward
2019-10-04 08:58:05 -04:00
parent dfb524a547
commit dce0d0f91c
+1 -1
View File
@@ -7,7 +7,7 @@
RString werr_ssprintf( int err, const char *fmt, ... )
{
char buf[1024] = "";
FormatMessage(FORMAT_MESSAGE_FROM_SYSTEM,
FormatMessage(FORMAT_MESSAGE_FROM_SYSTEM | FORMAT_MESSAGE_IGNORE_INSERTS,
0, err, 0, buf, sizeof(buf), nullptr);
// Why is FormatMessage returning text ending with \r\n? (who? -aj)