https://git.reactos.org/?p=reactos.git;a=commitdiff;h=a4b2c80853b36079b93d528bdf7189f001c8c83a
commit a4b2c80853b36079b93d528bdf7189f001c8c83a
Author: Thomas Faber <thomas.fa...@reactos.org>
AuthorDate: Mon Jan 3 10:15:57 2022 -0500
Commit: Thomas Faber <thomas.fa...@reactos.org>
CommitDate: Mon Jan 3 13:25:09 2022 -0500
[NTOS:KE] Fix buffer overflow when displaying x64 bug checks
---
ntoskrnl/ke/bug.c | 17 +++++++++--------
1 file changed, 9 insertions(+), 8 deletions(-)
diff --git a/ntoskrnl/ke/bug.c b/ntoskrnl/ke/bug.c
index 8930e5fc88d..78bea627ad8 100644
--- a/ntoskrnl/ke/bug.c
+++ b/ntoskrnl/ke/bug.c
@@ -611,7 +611,7 @@ KiDisplayBlueScreen(IN ULONG MessageId,
IN PCHAR HardErrMessage OPTIONAL,
IN PCHAR Message)
{
- CHAR AnsiName[75];
+ CHAR AnsiName[107];
/* Check if bootvid is installed */
if (InbvIsBootDriverInstalled())
@@ -676,13 +676,14 @@ KiDisplayBlueScreen(IN ULONG MessageId,
KeGetBugMessageText(BUGCHECK_TECH_INFO, NULL);
/* Show the technical Data */
- sprintf(AnsiName,
- "\r\n\r\n*** STOP: 0x%08lX (0x%p,0x%p,0x%p,0x%p)\r\n\r\n",
- (ULONG)KiBugCheckData[0],
- (PVOID)KiBugCheckData[1],
- (PVOID)KiBugCheckData[2],
- (PVOID)KiBugCheckData[3],
- (PVOID)KiBugCheckData[4]);
+ RtlStringCbPrintfA(AnsiName,
+ sizeof(AnsiName),
+ "\r\n\r\n*** STOP: 0x%08lX
(0x%p,0x%p,0x%p,0x%p)\r\n\r\n",
+ (ULONG)KiBugCheckData[0],
+ (PVOID)KiBugCheckData[1],
+ (PVOID)KiBugCheckData[2],
+ (PVOID)KiBugCheckData[3],
+ (PVOID)KiBugCheckData[4]);
InbvDisplayString(AnsiName);
/* Check if we have a driver*/
