https://git.reactos.org/?p=reactos.git;a=commitdiff;h=953c03c336a762f3b4fd672a546c4c0986dfab1c
commit 953c03c336a762f3b4fd672a546c4c0986dfab1c Author: Victor Perevertkin <[email protected]> AuthorDate: Thu Oct 22 14:38:55 2020 +0300 Commit: Victor Perevertkin <[email protected]> CommitDate: Thu Oct 22 14:38:55 2020 +0300 [DEVMGR] Avoid buffer overflow when device reg key size is > 100 chars --- dll/win32/devmgr/properties/hwresource.cpp | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/dll/win32/devmgr/properties/hwresource.cpp b/dll/win32/devmgr/properties/hwresource.cpp index 76879042415..a3e1a88b65e 100644 --- a/dll/win32/devmgr/properties/hwresource.cpp +++ b/dll/win32/devmgr/properties/hwresource.cpp @@ -357,13 +357,15 @@ PVOID GetResourceList( LPWSTR pszDeviceID) { - WCHAR szBuffer[100]; PCM_RESOURCE_LIST pResourceList = NULL; HKEY hKey = NULL; DWORD dwError, dwSize; - wsprintf(szBuffer, L"SYSTEM\\CurrentControlSet\\Enum\\%s\\LogConf", pszDeviceID); - dwError = RegOpenKeyExW(HKEY_LOCAL_MACHINE, szBuffer, 0, KEY_READ, &hKey); + CStringW keyName = L"SYSTEM\\CurrentControlSet\\Enum\\"; + keyName += pszDeviceID; + keyName += L"\\LogConf"; + + dwError = RegOpenKeyExW(HKEY_LOCAL_MACHINE, keyName, 0, KEY_READ, &hKey); if (dwError != ERROR_SUCCESS) { /* failed to open device instance log conf dir */
