summaryrefslogblamecommitdiff
path: root/user/chntpw/chntpw-110511-robustness.patch
blob: ea2363f343516622501b3cf2f20e45bce5cb8c55 (plain) (tree)





































                                                                           
--- chntpw-110511.orig/ntreg.c	2011-05-11 12:33:56.000000000 -0700
+++ chntpw-110511/ntreg.c	2011-12-18 17:09:06.290818997 -0800
@@ -190,14 +190,18 @@
 
 int fmyinput(char *prmpt, char *ibuf, int maxlen)
 {
-   
+   int len;
    printf("%s",prmpt);
    
    fgets(ibuf,maxlen+1,stdin);
+   len = strlen(ibuf);
    
-   ibuf[strlen(ibuf)-1] = 0;
+   if (len) {
+      ibuf[len-1] = 0;
+      --len;
+   }
    
-   return(strlen(ibuf));
+   return len;
 }
 
 /* Print len number of hexbytes */
@@ -4119,6 +4123,14 @@
     closeHive(hdesc);
     return(NULL);
   }
+
+  if (r < sizeof (*hdesc)) {
+    fprintf(stderr,
+	    "file is too small; got %d bytes while expecting %d or more\n",
+	    r, sizeof (*hdesc));
+    closeHive(hdesc);
+    return(NULL);
+  }
 
   /* Now run through file, tallying all pages */
   /* NOTE/KLUDGE: Assume first page starts at offset 0x1000 */