From 0adc06322fd64e8b28ec9a4898f9d2408d5b7557 Mon Sep 17 00:00:00 2001 From: Don HO Date: Mon, 18 Feb 2019 23:13:28 +0100 Subject: [PATCH] [EU-FOSSA] Fix buffer overrun in Print dialog --- .../WinControls/Preference/preferenceDlg.cpp | 35 ++++++++++++------- .../WinControls/Preference/preferenceDlg.h | 6 ++-- 2 files changed, 25 insertions(+), 16 deletions(-) diff --git a/PowerEditor/src/WinControls/Preference/preferenceDlg.cpp b/PowerEditor/src/WinControls/Preference/preferenceDlg.cpp index bcd33ef5..f831d1ab 100644 --- a/PowerEditor/src/WinControls/Preference/preferenceDlg.cpp +++ b/PowerEditor/src/WinControls/Preference/preferenceDlg.cpp @@ -2387,22 +2387,33 @@ INT_PTR CALLBACK PrintSettingsDlg::run_dlgProc(UINT message, WPARAM wParam, LPAR case IDC_BUTTON_ADDVAR: { - if (!_focusedEditCtrl) - return TRUE; + try { + if (!_focusedEditCtrl) + return TRUE; - auto iSel = ::SendDlgItemMessage(_hSelf, IDC_COMBO_VARLIST, CB_GETCURSEL, 0, 0); - TCHAR *varStr = (TCHAR *)::SendDlgItemMessage(_hSelf, IDC_COMBO_VARLIST, CB_GETITEMDATA, iSel, 0); + auto iSel = ::SendDlgItemMessage(_hSelf, IDC_COMBO_VARLIST, CB_GETCURSEL, 0, 0); + TCHAR *varStr = (TCHAR *)::SendDlgItemMessage(_hSelf, IDC_COMBO_VARLIST, CB_GETITEMDATA, iSel, 0); + DWORD selStart = 0; + DWORD selEnd = 0; + ::SendDlgItemMessage(_hSelf, _focusedEditCtrl, EM_GETSEL, reinterpret_cast(&selStart), reinterpret_cast(&selEnd)); - ::SendDlgItemMessage(_hSelf, _focusedEditCtrl, EM_GETSEL, reinterpret_cast(&_selStart), reinterpret_cast(&_selEnd)); + const int stringSize = 256; + TCHAR str[stringSize]; + ::SendDlgItemMessage(_hSelf, _focusedEditCtrl, WM_GETTEXT, stringSize, reinterpret_cast(str)); - const int stringSize = 256; - TCHAR str[stringSize]; - ::SendDlgItemMessage(_hSelf, _focusedEditCtrl, WM_GETTEXT, stringSize, reinterpret_cast(str)); + generic_string str2Set(str); + size_t strLen = str2Set.length(); + if (selStart > strLen || selEnd > strLen) + selStart = selEnd = strLen; - generic_string str2Set(str); - str2Set.replace(_selStart, _selEnd - _selStart, varStr); - - ::SetDlgItemText(_hSelf, _focusedEditCtrl, str2Set.c_str()); + str2Set.replace(selStart, selEnd - selStart, varStr); + + ::SetDlgItemText(_hSelf, _focusedEditCtrl, str2Set.c_str()); + } + catch (...) + { + // Do nothing + } } break; } diff --git a/PowerEditor/src/WinControls/Preference/preferenceDlg.h b/PowerEditor/src/WinControls/Preference/preferenceDlg.h index d0d975b6..5d54ebeb 100644 --- a/PowerEditor/src/WinControls/Preference/preferenceDlg.h +++ b/PowerEditor/src/WinControls/Preference/preferenceDlg.h @@ -148,13 +148,11 @@ struct strCouple { class PrintSettingsDlg : public StaticDialog { public : - PrintSettingsDlg():_focusedEditCtrl(0), _selStart(0), _selEnd(0){}; + PrintSettingsDlg(){}; private : INT_PTR CALLBACK run_dlgProc(UINT message, WPARAM wParam, LPARAM lParam); std::vector varList; - int _focusedEditCtrl; - DWORD _selStart; - DWORD _selEnd; + int _focusedEditCtrl = 0; }; class BackupDlg : public StaticDialog