From db4ca911804e50cc65e6ffe7f69fd7eae71a5262 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ludwig=20Fr=C3=BChsch=C3=BCtz?=
Date: Thu, 8 Apr 2021 23:53:04 +0200
Subject: [PATCH] Fixed heap corruption in string retrievement, also avoid runtime error if string doesnt fit buffer
---
 OSC2AHK/dllmain.cpp | 5 ++++-
 msgtest.ahk | 2 +-
 2 files changed, 5 insertions(+), 2 deletions(-)
diff --git a/OSC2AHK/dllmain.cpp b/OSC2AHK/dllmain.cpp
index 8dbb1a2..5c4a48d 100644
--- a/OSC2AHK/dllmain.cpp
+++ b/OSC2AHK/dllmain.cpp
@@ -156,7 +156,10 @@ DLLEXPORT char* getStringData(char* targetString, unsigned int targetSize, unsig
 {
 if (storedStrings[i].id == stringId)
 {
- strcpy_s(targetString, targetSize, storedStrings[i].string.c_str());
+ if (storedStrings[i].string.length() < targetSize) //Avoid runtime error.
+ strcpy_s(targetString, targetSize, storedStrings[i].string.c_str());
+ else
+ strcpy_s(targetString, targetSize, "\0"); //String doesnt fit, return empty string"
 storedStrings.erase(storedStrings.begin() + i);
 return targetString;
 }
diff --git a/msgtest.ahk b/msgtest.ahk
index bc640b1..5e1cc8c 100644
--- a/msgtest.ahk
+++ b/msgtest.ahk
@@ -48,7 +48,7 @@ msghandlerString(wParam, lParam, msg, hwnd) {
 stdout.Write("msghandlerString: ")
 VarSetCapacity(theStr, 20)
- theStr := DllCall("OSC2AHK.dll\getStringData", AStr, theStr, UInt, 20, UInt, lParam, "Cdecl AStr")
+ theStr := DllCall("OSC2AHK.dll\getStringData", str, theStr, UInt, 20, UInt, lParam, AStr)
 stdout.WriteLine(theStr)
 stdout.Close()
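Review bot: The else branch at `strcpy_s(targetString, targetSize, "\0")` still takes the CRT invalid-parameter path when `targetSize` is 0 or `targetString` is null, so the "avoid runtime error" goal is only met for non-empty buffers. A guard such as `if (targetString == nullptr || targetSize == 0) return targetString;` ahead of the loop would close that; the loop and the function start outside this hunk. The entry is also erased when the string did not fit, so the caller gets an empty string it cannot tell apart from a genuinely empty one and cannot retry with a larger buffer. Consider leaving the entry in `storedStrings` in that case, or signalling the required length. `"\0"` copies the same single terminator as `""`.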
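Review bot: Dropping `"Cdecl"` from the return-type argument makes DllCall use the standard calling convention, which on 32-bit AutoHotkey mismatches a cdecl export. The definition of `DLLEXPORT` is not visible here, so confirm it declares `__stdcall`; otherwise keep `"Cdecl AStr"`. The capacity 20 is also written twice, in `VarSetCapacity(theStr, 20)` and in the `UInt, 20` argument, and the DLL trusts that number as the buffer size. Holding it in one variable, e.g. `cap := 20`, keeps the two from drifting apart. The handler body continues outside the hunk.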