Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Improper use of SysAllocStringLen Can Cause Heap Corruption #17

Open
Rich-Lang opened this issue Dec 5, 2018 · 1 comment
Open

Improper use of SysAllocStringLen Can Cause Heap Corruption #17

Rich-Lang opened this issue Dec 5, 2018 · 1 comment

Comments

@Rich-Lang
Copy link

https://github.com/FWest98/hsts-iis-module/blob/develop/module/HSTSIisModule.cpp#L164 This is not a proper use of SysAllocStringLen. The length passed in should not be longer than the string passed in.

If strIn is not NULL, then the memory allocated to strIn must be at least ui characters long.
Source: https://docs.microsoft.com/en-us/windows/desktop/api/oleauto/nf-oleauto-sysallocstringlen

More Info: https://docs.microsoft.com/en-us/previous-versions/5c28xhds(v=vs.80)
@Rich-Lang
Copy link
Author

To see this issue in action, enable PageHeap Verification for w3wp.exe
https://docs.microsoft.com/en-us/windows-hardware/drivers/debugger/enable-page-heap

Rich-Lang added a commit to Rich-Lang/hsts-iis-module that referenced this issue Feb 19, 2019
@Rich-Lang
Fix Issue with SysAllocStringLen
b31572c 
Fixes FWest98#17
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@Rich-Lang