Merge pull request #494 from GeneralsOnlineDevelopmentTeam/seer/bugfix/safe-string-ops-stackdump

x64-dev · web-flow · commit 94422d30645c · 2026-05-07T17:26:55.000-04:00
bugfix(system): Prevent buffer overflows and uninitialized memory in stack dump and exception handling
diff --git a/Core/Libraries/Source/WWVegas/WWLib/Except.cpp b/Core/Libraries/Source/WWVegas/WWLib/Except.cpp
@@ -407,7 +407,7 @@ void Dump_Exception_Info(EXCEPTION_POINTERS *e_info)
 	/*
 	** Scrap buffer for constructing dump strings
 	*/
-	char scrap [256];
+	char scrap [256] = {};
 
 	/*
 	** Clear out the dump buffer
@@ -712,7 +712,7 @@ void Dump_Exception_Info(EXCEPTION_POINTERS *e_info)
 	** Dump the bytes at EIP. This will make it easier to match the crash address with later versions of the game.
 	*/
 	DebugString("EIP bytes dump...\n");
-	sprintf(scrap, "\r\nBytes at CS:EIP (%08X)  : ", context->Eip);
+	snprintf(scrap, ARRAY_SIZE(scrap), "\r\nBytes at CS:EIP (%08X)  : ", context->Eip);
 
 	unsigned char *eip_ptr = (unsigned char *) (context->Eip);
 	char bytestr[32];
diff --git a/Generals/Code/GameEngine/Source/Common/System/StackDump.cpp b/Generals/Code/GameEngine/Source/Common/System/StackDump.cpp
@@ -608,7 +608,7 @@ void DumpExceptionInfo( unsigned int u, EXCEPTION_POINTERS* e_info )
 	/*
 	** Dump the bytes at EIP. This will make it easier to match the crash address with later versions of the game.
 	*/
-	char scrap[512];
+	char scrap[512] = {};
 	DOUBLE_DEBUG ( ("EIP bytes dump..."));
 	wsprintf (scrap, "\nBytes at CS:EIP (%08X)  : ", context->Eip);
 
@@ -619,7 +619,7 @@ void DumpExceptionInfo( unsigned int u, EXCEPTION_POINTERS* e_info )
 	{
 		if (IsBadReadPtr(eip_ptr, 1))
 		{
-			lstrcat (scrap, "?? ");
+			strlcat(scrap, "?? ", ARRAY_SIZE(scrap));
 		}
 		else
 		{
diff --git a/GeneralsMD/Code/GameEngine/Source/Common/System/StackDump.cpp b/GeneralsMD/Code/GameEngine/Source/Common/System/StackDump.cpp
@@ -608,7 +608,7 @@ void DumpExceptionInfo( unsigned int u, EXCEPTION_POINTERS* e_info )
 	/*
 	** Dump the bytes at EIP. This will make it easier to match the crash address with later versions of the game.
 	*/
-	char scrap[512];
+	char scrap[512] = {};
 	DOUBLE_DEBUG ( ("EIP bytes dump..."));
 	wsprintf (scrap, "\nBytes at CS:EIP (%08X)  : ", context->Eip);
 
@@ -619,7 +619,7 @@ void DumpExceptionInfo( unsigned int u, EXCEPTION_POINTERS* e_info )
 	{
 		if (IsBadReadPtr(eip_ptr, 1))
 		{
-			lstrcat (scrap, "?? ");
+			strlcat(scrap, "?? ", ARRAY_SIZE(scrap));
 		}
 		else
 		{

Original file line number	Diff line number	Diff line change
`@@ -608,7 +608,7 @@ void DumpExceptionInfo( unsigned int u, EXCEPTION_POINTERS* e_info )`
`608`	`608`	`/*`
`609`	`609`	`** Dump the bytes at EIP. This will make it easier to match the crash address with later versions of the game.`
`610`	`610`	`*/`
`611`		`- char scrap[512];`
	`611`	`+ char scrap[512] = {};`
`612`	`612`	`DOUBLE_DEBUG ( ("EIP bytes dump..."));`
`613`	`613`	`wsprintf (scrap, "\nBytes at CS:EIP (%08X) : ", context->Eip);`
`614`	`614`
`@@ -619,7 +619,7 @@ void DumpExceptionInfo( unsigned int u, EXCEPTION_POINTERS* e_info )`
`619`	`619`	`{`
`620`	`620`	`if (IsBadReadPtr(eip_ptr, 1))`
`621`	`621`	`{`
`622`		`- lstrcat (scrap, "?? ");`
	`622`	`+ strlcat(scrap, "?? ", ARRAY_SIZE(scrap));`
`623`	`623`	`}`
`624`	`624`	`else`
`625`	`625`	`{`