[GEN][ZH] Fix buffer overrun and memory leaks in listbox properties of GUIEdit (#796)

Caball009 · web-flow · commit d3bed71335fb · 2025-05-08T19:55:20.000+02:00
diff --git a/Generals/Code/Tools/GUIEdit/Source/Dialog Procedures/ListboxProperties.cpp b/Generals/Code/Tools/GUIEdit/Source/Dialog Procedures/ListboxProperties.cpp
@@ -600,9 +600,8 @@ static LRESULT CALLBACK listboxPropertiesCallback( HWND hWndDialog,
 						
 						if(newColumns > 1)
 						{
-							char *percentages = new char[60];
-							char *token;
-							GetDlgItemText(hWndDialog,EDIT_COLUMN_PERCENT,percentages,200);
+							Char percentages[200];
+							GetDlgItemText(hWndDialog,EDIT_COLUMN_PERCENT,percentages,sizeof(percentages));
 							if(strlen(percentages) == 0)
 							{
 								MessageBox(NULL,"You have specified a column amount greater then 1, please enter the same about of percentages","whoops",MB_OK | MB_ICONSTOP | MB_APPLMODAL);
@@ -612,7 +611,7 @@ static LRESULT CALLBACK listboxPropertiesCallback( HWND hWndDialog,
 							Int *newPercentages = new Int[newColumns];
 							Int i = 0;
 							Int total = 0;
-							token = strtok( percentages, "," );
+							Char *token = strtok( percentages, "," );
 							while( token != NULL )
 							{			
 								newPercentages[i] = atoi(token);
@@ -621,23 +620,26 @@ static LRESULT CALLBACK listboxPropertiesCallback( HWND hWndDialog,
 								i++;
 								if(i > newColumns && token)
 								{
-									Char *whoopsMsg = new char[250];
+									Char whoopsMsg[250];
 									sprintf(whoopsMsg,"You have Specified %d columns but I have read in more then that for the percentages, please double check your data", newColumns);
 									MessageBox(NULL, whoopsMsg,"Whoops",MB_OK | MB_ICONSTOP | MB_APPLMODAL);
+									delete[] newPercentages;
 									return 0;
 								}
 								else if( i < newColumns && !token )
 								{
-									Char *whoopsMsg = new char[250];
+									Char whoopsMsg[250];
 									sprintf(whoopsMsg,"You have Specified %d columns but I have read in only %d for the percentages, please double check your data", newColumns, i );
 									MessageBox(NULL, whoopsMsg,"Whoops",MB_OK | MB_ICONSTOP | MB_APPLMODAL);
+									delete[] newPercentages;
 									return 0;
 								}
 								else if((total > 100 ) || (total < 100 && !token ))
 								{
-									Char *whoopsMsg = new char[250];
+									Char whoopsMsg[250];
 									sprintf(whoopsMsg,"Please Double check to make sure your percentages add up to 100.");
 									MessageBox(NULL, whoopsMsg,"Whoops",MB_OK | MB_ICONSTOP | MB_APPLMODAL);
+									delete[] newPercentages;
 									return 0;
 								}
 							}						
@@ -941,8 +943,8 @@ HWND InitListboxPropertiesDialog( GameWindow *window )
 	SetDlgItemInt( dialog, EDIT_NUM_COLUMNS, listData->columns, FALSE );
 	if(listData->columns > 1)
 	{
-		char *percentages = new char[60];
-		char *tempStr = new char[60];
+		Char percentages[200];
+		Char tempStr[33];
 		sprintf(percentages,"%d",listData->columnWidthPercentage[0]);
 		for(Int i = 1; i < listData->columns; i++ )
 		{
diff --git a/GeneralsMD/Code/Tools/GUIEdit/Source/Dialog Procedures/ListboxProperties.cpp b/GeneralsMD/Code/Tools/GUIEdit/Source/Dialog Procedures/ListboxProperties.cpp
@@ -600,9 +600,8 @@ static LRESULT CALLBACK listboxPropertiesCallback( HWND hWndDialog,
 						
 						if(newColumns > 1)
 						{
-							char *percentages = new char[60];
-							char *token;
-							GetDlgItemText(hWndDialog,EDIT_COLUMN_PERCENT,percentages,200);
+							Char percentages[200];
+							GetDlgItemText(hWndDialog,EDIT_COLUMN_PERCENT,percentages,sizeof(percentages));
 							if(strlen(percentages) == 0)
 							{
 								MessageBox(NULL,"You have specified a column amount greater then 1, please enter the same about of percentages","whoops",MB_OK | MB_ICONSTOP | MB_APPLMODAL);
@@ -612,7 +611,7 @@ static LRESULT CALLBACK listboxPropertiesCallback( HWND hWndDialog,
 							Int *newPercentages = new Int[newColumns];
 							Int i = 0;
 							Int total = 0;
-							token = strtok( percentages, "," );
+							Char *token = strtok( percentages, "," );
 							while( token != NULL )
 							{			
 								newPercentages[i] = atoi(token);
@@ -621,23 +620,26 @@ static LRESULT CALLBACK listboxPropertiesCallback( HWND hWndDialog,
 								i++;
 								if(i > newColumns && token)
 								{
-									Char *whoopsMsg = new char[250];
+									Char whoopsMsg[250];
 									sprintf(whoopsMsg,"You have Specified %d columns but I have read in more then that for the percentages, please double check your data", newColumns);
 									MessageBox(NULL, whoopsMsg,"Whoops",MB_OK | MB_ICONSTOP | MB_APPLMODAL);
+									delete[] newPercentages;
 									return 0;
 								}
 								else if( i < newColumns && !token )
 								{
-									Char *whoopsMsg = new char[250];
+									Char whoopsMsg[250];
 									sprintf(whoopsMsg,"You have Specified %d columns but I have read in only %d for the percentages, please double check your data", newColumns, i );
 									MessageBox(NULL, whoopsMsg,"Whoops",MB_OK | MB_ICONSTOP | MB_APPLMODAL);
+									delete[] newPercentages;
 									return 0;
 								}
 								else if((total > 100 ) || (total < 100 && !token ))
 								{
-									Char *whoopsMsg = new char[250];
+									Char whoopsMsg[250];
 									sprintf(whoopsMsg,"Please Double check to make sure your percentages add up to 100.");
 									MessageBox(NULL, whoopsMsg,"Whoops",MB_OK | MB_ICONSTOP | MB_APPLMODAL);
+									delete[] newPercentages;
 									return 0;
 								}
 							}						
@@ -941,8 +943,8 @@ HWND InitListboxPropertiesDialog( GameWindow *window )
 	SetDlgItemInt( dialog, EDIT_NUM_COLUMNS, listData->columns, FALSE );
 	if(listData->columns > 1)
 	{
-		char *percentages = new char[60];
-		char *tempStr = new char[60];
+		Char percentages[200];
+		Char tempStr[33];
 		sprintf(percentages,"%d",listData->columnWidthPercentage[0]);
 		for(Int i = 1; i < listData->columns; i++ )
 		{

Original file line number	Diff line number	Diff line change
`@@ -600,9 +600,8 @@ static LRESULT CALLBACK listboxPropertiesCallback( HWND hWndDialog,`
`600`	`600`
`601`	`601`	`if(newColumns > 1)`
`602`	`602`	`{`
`603`		`- char *percentages = new char[60];`
`604`		`- char *token;`
`605`		`- GetDlgItemText(hWndDialog,EDIT_COLUMN_PERCENT,percentages,200);`
	`603`	`+ Char percentages[200];`
	`604`	`+ GetDlgItemText(hWndDialog,EDIT_COLUMN_PERCENT,percentages,sizeof(percentages));`
`606`	`605`	`if(strlen(percentages) == 0)`
`607`	`606`	`{`
`608`	`607`	`MessageBox(NULL,"You have specified a column amount greater then 1, please enter the same about of percentages","whoops",MB_OK \| MB_ICONSTOP \| MB_APPLMODAL);`
`@@ -612,7 +611,7 @@ static LRESULT CALLBACK listboxPropertiesCallback( HWND hWndDialog,`
`612`	`611`	`Int *newPercentages = new Int[newColumns];`
`613`	`612`	`Int i = 0;`
`614`	`613`	`Int total = 0;`
`615`		`- token = strtok( percentages, "," );`
	`614`	`+ Char *token = strtok( percentages, "," );`
`616`	`615`	`while( token != NULL )`
`617`	`616`	`{`
`618`	`617`	`newPercentages[i] = atoi(token);`
`@@ -621,23 +620,26 @@ static LRESULT CALLBACK listboxPropertiesCallback( HWND hWndDialog,`
`621`	`620`	`i++;`
`622`	`621`	`if(i > newColumns && token)`
`623`	`622`	`{`
`624`		`- Char *whoopsMsg = new char[250];`
	`623`	`+ Char whoopsMsg[250];`
`625`	`624`	`sprintf(whoopsMsg,"You have Specified %d columns but I have read in more then that for the percentages, please double check your data", newColumns);`
`626`	`625`	`MessageBox(NULL, whoopsMsg,"Whoops",MB_OK \| MB_ICONSTOP \| MB_APPLMODAL);`
	`626`	`+ delete[] newPercentages;`
`627`	`627`	`return 0;`
`628`	`628`	`}`
`629`	`629`	`else if( i < newColumns && !token )`
`630`	`630`	`{`
`631`		`- Char *whoopsMsg = new char[250];`
	`631`	`+ Char whoopsMsg[250];`
`632`	`632`	`sprintf(whoopsMsg,"You have Specified %d columns but I have read in only %d for the percentages, please double check your data", newColumns, i );`
`633`	`633`	`MessageBox(NULL, whoopsMsg,"Whoops",MB_OK \| MB_ICONSTOP \| MB_APPLMODAL);`
	`634`	`+ delete[] newPercentages;`
`634`	`635`	`return 0;`
`635`	`636`	`}`
`636`	`637`	`else if((total > 100 ) \|\| (total < 100 && !token ))`
`637`	`638`	`{`
`638`		`- Char *whoopsMsg = new char[250];`
	`639`	`+ Char whoopsMsg[250];`
`639`	`640`	`sprintf(whoopsMsg,"Please Double check to make sure your percentages add up to 100.");`
`640`	`641`	`MessageBox(NULL, whoopsMsg,"Whoops",MB_OK \| MB_ICONSTOP \| MB_APPLMODAL);`
	`642`	`+ delete[] newPercentages;`
`641`	`643`	`return 0;`
`642`	`644`	`}`
`643`	`645`	`}`
`@@ -941,8 +943,8 @@ HWND InitListboxPropertiesDialog( GameWindow *window )`
`941`	`943`	`SetDlgItemInt( dialog, EDIT_NUM_COLUMNS, listData->columns, FALSE );`
`942`	`944`	`if(listData->columns > 1)`
`943`	`945`	`{`
`944`		`- char *percentages = new char[60];`
`945`		`- char *tempStr = new char[60];`
	`946`	`+ Char percentages[200];`
	`947`	`+ Char tempStr[33];`
`946`	`948`	`sprintf(percentages,"%d",listData->columnWidthPercentage[0]);`
`947`	`949`	`for(Int i = 1; i < listData->columns; i++ )`
`948`	`950`	`{`