diff options
| -rw-r--r-- | base/file_util_win.cc | 8 | ||||
| -rw-r--r-- | chrome/browser/web_applications/web_app.cc | 8 |
2 files changed, 16 insertions, 0 deletions
diff --git a/base/file_util_win.cc b/base/file_util_win.cc index 32b6811..8f76c5c 100644 --- a/base/file_util_win.cc +++ b/base/file_util_win.cc @@ -306,6 +306,10 @@ bool CreateShortcutLink(const wchar_t *source, const wchar_t *destination, const wchar_t *working_dir, const wchar_t *arguments, const wchar_t *description, const wchar_t *icon, int icon_index, const wchar_t* app_id) { + // Length of arguments and description must be less than MAX_PATH. + DCHECK(lstrlen(arguments) < MAX_PATH); + DCHECK(lstrlen(description) < MAX_PATH); + ScopedComPtr<IShellLink> i_shell_link; ScopedComPtr<IPersistFile> i_persist_file; @@ -353,6 +357,10 @@ bool UpdateShortcutLink(const wchar_t *source, const wchar_t *destination, const wchar_t *working_dir, const wchar_t *arguments, const wchar_t *description, const wchar_t *icon, int icon_index, const wchar_t* app_id) { + // Length of arguments and description must be less than MAX_PATH. + DCHECK(lstrlen(arguments) < MAX_PATH); + DCHECK(lstrlen(description) < MAX_PATH); + // Get pointer to the IPersistFile interface and load existing link ScopedComPtr<IShellLink> i_shell_link; if (FAILED(i_shell_link.CreateInstance(CLSID_ShellLink, NULL, diff --git a/chrome/browser/web_applications/web_app.cc b/chrome/browser/web_applications/web_app.cc index 95186e9..a8ef292 100644 --- a/chrome/browser/web_applications/web_app.cc +++ b/chrome/browser/web_applications/web_app.cc @@ -356,6 +356,10 @@ bool CreateShortcutTask::CreateShortcut() { shortcut_info_.extension_id); std::wstring wide_switchs(UTF8ToWide(switches)); + // Sanitize description + if (shortcut_info_.description.length() >= MAX_PATH) + shortcut_info_.description.resize(MAX_PATH - 1); + // Generates app id from web app url and profile path. std::wstring app_id = ShellIntegration::GetAppId( web_app::GenerateApplicationNameFromURL(shortcut_info_.url).c_str(), @@ -599,6 +603,10 @@ void UpdateShortcutWorker::UpdateShortcutsOnFileThread() { web_app::GenerateApplicationNameFromURL(shortcut_info_.url).c_str(), profile_path_); + // Sanitize description + if (shortcut_info_.description.length() >= MAX_PATH) + shortcut_info_.description.resize(MAX_PATH - 1); + for (size_t i = 0; i < shortcut_files_.size(); ++i) { file_util::UpdateShortcutLink(NULL, shortcut_files_[i].value().c_str(), |