Possibile buffer overrun in Foundation/EventLogChannel

Hello,

I found in the current implementation (1.4.6) a possible buffer overrun in EventLogChannel.

``` cpp
EventLogChannel::EventLogChannel():
_logFile("Application"),
_h(0)
{
#if defined(POCO_WIN32_UTF8)
wchar_t name[256];
int n = GetModuleFileNameW(NULL, name, sizeof(name));
// ...
}
```

``` cpp
wchar_t name[256];
// -> array with 256 elements created
```

``` cpp
int n = GetModuleFileNameW(NULL, name, sizeof(name));
// -> Try to read 512 elements !!! because the length of one wchar_t is 2
```

Fixed version:

``` cpp
EventLogChannel::EventLogChannel():
_logFile("Application"),
_h(0)
{
static const int length = 256;
#if defined(POCO_WIN32_UTF8)
wchar_t name[length];
int n = GetModuleFileNameW(NULL, name, length);
// ...
}
```


Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Possibile buffer overrun in Foundation/EventLogChannel #124

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Possibile buffer overrun in Foundation/EventLogChannel #124

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions