Fix potential security issue with FormatMessage use
From MSDN: Security Remarks If this function is called without FORMAT_MESSAGE_IGNORE_INSERTS, the Arguments parameter must contain enough parameters to satisfy all insertion sequences in the message string, and they must be of the correct type. Therefore, do not use untrusted or unknown message strings with inserts enabled because they can contain more insertion sequences than Arguments provides, or those that may be of the wrong type. In particular, it is unsafe to take an arbitrary system error code returned from an API and use FORMAT_MESSAGE_FROM_SYSTEM without FORMAT_MESSAGE_IGNORE_INSERTS. (backport from master)
This commit is contained in:
@@ -7,7 +7,7 @@
|
||||
RString werr_ssprintf( int err, const char *fmt, ... )
|
||||
{
|
||||
char buf[1024] = "";
|
||||
FormatMessage(FORMAT_MESSAGE_FROM_SYSTEM,
|
||||
FormatMessage(FORMAT_MESSAGE_FROM_SYSTEM | FORMAT_MESSAGE_IGNORE_INSERTS,
|
||||
0, err, 0, buf, sizeof(buf), nullptr);
|
||||
|
||||
// Why is FormatMessage returning text ending with \r\n? (who? -aj)
|
||||
|
||||
Reference in New Issue
Block a user