[ros-diffs] [reactos] 01/01: [IMM32] Don't allow invalid 'IME File' values

Fri, 16 Sep 2022 01:39:35 -0700 

https://git.reactos.org/?p=reactos.git;a=commitdiff;h=db00a7522757ae4e5a084611528d42c076337921

commit db00a7522757ae4e5a084611528d42c076337921
Author:     Katayama Hirofumi MZ <katayama.hirofumi...@gmail.com>
AuthorDate: Fri Sep 16 17:35:05 2022 +0900
Commit:     Katayama Hirofumi MZ <katayama.hirofumi...@gmail.com>
CommitDate: Fri Sep 16 17:38:48 2022 +0900

    [IMM32] Don't allow invalid 'IME File' values
    
    Improve security. CORE-11700
---
 dll/win32/imm32/utils.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/dll/win32/imm32/utils.c b/dll/win32/imm32/utils.c
index 9e0c07195dd..1ba6d556f21 100644
--- a/dll/win32/imm32/utils.c
+++ b/dll/win32/imm32/utils.c
@@ -908,7 +908,8 @@ UINT APIENTRY Imm32GetImeLayout(PREG_IME pLayouts, UINT 
cLayouts)
 
         RegCloseKey(hkeyIME);
 
-        if (!szImeFileName[0])
+        /* We don't allow the invalid "IME File" values for security reason */
+        if (!szImeFileName[0] || wcschr(szImeFileName, L'\\') != NULL)
             break;
 
         Imm32StrToUInt(szImeKey, &Value, 16);

Reply via email to