diff options
| author | Jan Dubois <jand@activestate.com> | 2011-01-12 11:31:49 -0800 |
|---|---|---|
| committer | Jan Dubois <jand@activestate.com> | 2011-01-12 11:31:49 -0800 |
| commit | 2ae3110b76299590fc3db9d4cb26cd7b80c3b796 (patch) | |
| tree | a802d46151c7880a24d3a3755d01b338f27b5c1d | |
| parent | 3fa5404dd58b68a0fcd1b3237b84da342905c54a (diff) | |
| download | perl-2ae3110b76299590fc3db9d4cb26cd7b80c3b796.tar.gz | |
Update to Win32-0.43 from CPAN
| -rwxr-xr-x | Porting/Maintainers.pl | 2 | ||||
| -rw-r--r-- | cpan/Win32/Changes | 4 | ||||
| -rw-r--r-- | cpan/Win32/Win32.pm | 2 | ||||
| -rw-r--r-- | cpan/Win32/Win32.xs | 42 |
4 files changed, 32 insertions, 18 deletions
diff --git a/Porting/Maintainers.pl b/Porting/Maintainers.pl index 15eb3fbe80..e2f7d28ba6 100755 --- a/Porting/Maintainers.pl +++ b/Porting/Maintainers.pl @@ -1640,7 +1640,7 @@ use File::Glob qw(:case); 'Win32' => { 'MAINTAINER' => 'jand', - 'DISTRIBUTION' => "JDB/Win32-0.42.tar.gz", + 'DISTRIBUTION' => "JDB/Win32-0.43.tar.gz", 'FILES' => q[cpan/Win32], 'UPSTREAM' => 'cpan', }, diff --git a/cpan/Win32/Changes b/cpan/Win32/Changes index 00c74078e1..7a425971d2 100644 --- a/cpan/Win32/Changes +++ b/cpan/Win32/Changes @@ -1,5 +1,9 @@ Revision history for the Perl extension Win32.
+0.43 [2011-01-12]
+ - fix a few potential buffer overrun bugs reported by Alex Davies.
+ [perl#78710]
+
0.42 [2011-01-06]
- remove brittle test for Win32::GetLongPathName($ENV{SYSTEMROOT})
which will fail if the case of the environment value doesn't
diff --git a/cpan/Win32/Win32.pm b/cpan/Win32/Win32.pm index 792ed7f161..cfc5bb9160 100644 --- a/cpan/Win32/Win32.pm +++ b/cpan/Win32/Win32.pm @@ -8,7 +8,7 @@ package Win32; require DynaLoader;
@ISA = qw|Exporter DynaLoader|;
- $VERSION = '0.42';
+ $VERSION = '0.43';
$XS_VERSION = $VERSION;
$VERSION = eval $VERSION;
diff --git a/cpan/Win32/Win32.xs b/cpan/Win32/Win32.xs index f6d96b4374..9c4ea33c81 100644 --- a/cpan/Win32/Win32.xs +++ b/cpan/Win32/Win32.xs @@ -1483,7 +1483,8 @@ XS(w32_GetFullPathName) /* fullname is the MAX_PATH+1 sized buffer returned from PerlDir_mapA()
* or the 2*MAX_PATH sized local buffer in the __CYGWIN__ case.
*/
- strcpy(lastchar+1, "\\");
+ if (lastchar - fullname < MAX_PATH - 1)
+ strcpy(lastchar+1, "\\");
}
}
@@ -1519,13 +1520,15 @@ XS(w32_GetLongPathName) WCHAR wide_path[MAX_PATH+1];
WCHAR *long_path;
- wcscpy(wide_path, wstr);
- Safefree(wstr);
- long_path = my_longpathW(wide_path);
- if (long_path) {
- ST(0) = wstr_to_sv(aTHX_ long_path);
- XSRETURN(1);
+ if (wcslen(wstr) < countof(wide_path)) {
+ wcscpy(wide_path, wstr);
+ long_path = my_longpathW(wide_path);
+ if (long_path) {
+ ST(0) = wstr_to_sv(aTHX_ long_path);
+ XSRETURN(1);
+ }
}
+ Safefree(wstr);
}
else {
SV *path;
@@ -1535,11 +1538,13 @@ XS(w32_GetLongPathName) path = ST(0);
pathstr = SvPV(path,len);
- strcpy(tmpbuf, pathstr);
- pathstr = my_longpathA(tmpbuf);
- if (pathstr) {
- ST(0) = sv_2mortal(newSVpvn(pathstr, strlen(pathstr)));
- XSRETURN(1);
+ if (len < sizeof(tmpbuf)) {
+ strcpy(tmpbuf, pathstr);
+ pathstr = my_longpathA(tmpbuf);
+ if (pathstr) {
+ ST(0) = sv_2mortal(newSVpvn(pathstr, strlen(pathstr)));
+ XSRETURN(1);
+ }
}
}
XSRETURN_EMPTY;
@@ -1572,14 +1577,19 @@ XS(w32_CopyFile) {
dXSARGS;
BOOL bResult;
+ char *pszSourceFile;
char szSourceFile[MAX_PATH+1];
if (items != 3)
Perl_croak(aTHX_ "usage: Win32::CopyFile($from, $to, $overwrite)");
- strcpy(szSourceFile, PerlDir_mapA(SvPV_nolen(ST(0))));
- bResult = CopyFileA(szSourceFile, PerlDir_mapA(SvPV_nolen(ST(1))), !SvTRUE(ST(2)));
- if (bResult)
- XSRETURN_YES;
+
+ pszSourceFile = PerlDir_mapA(SvPV_nolen(ST(0)));
+ if (strlen(pszSourceFile) < sizeof(szSourceFile)) {
+ strcpy(szSourceFile, pszSourceFile);
+ bResult = CopyFileA(szSourceFile, PerlDir_mapA(SvPV_nolen(ST(1))), !SvTRUE(ST(2)));
+ if (bResult)
+ XSRETURN_YES;
+ }
XSRETURN_NO;
}
|