void ReadDataFromFile(char *szFilename,
LPOVERLAPPED_COMPLETION_ROUTINE func) { HANDLE hFile = CreateFile(szFilename,
FILE_ALL_ACCESS,
FILE_SHARE_READ,
NULL,
OPEN_EXISTING,
FILE_ATTRIBUTE_NORMAL |
FILE_FLAG_OVERLAPPED,
NULL);
OVERLAPPED io;
memset(&io,0,sizeof OVERLAPPED);
DWORD dwWritten=0, dwRes=0; const size_t cBuff = 1024;
char buff[cBuff];
if (!ReadFileEx(hFile,buff,cBuff,&io,func)){ } // rest of code}
LPOVERLAPPED_COMPLETION_ROUTINE func) { HANDLE hFile = CreateFile(szFilename,
FILE_ALL_ACCESS,
FILE_SHARE_READ,
NULL,
OPEN_EXISTING,
FILE_ATTRIBUTE_NORMAL |
FILE_FLAG_OVERLAPPED,
NULL);
OVERLAPPED io;
memset(&io,0,sizeof OVERLAPPED);
DWORD dwWritten=0, dwRes=0; const size_t cBuff = 1024;
char buff[cBuff];
if (!ReadFileEx(hFile,buff,cBuff,&io,func)){ } // rest of code}
void ReadDataFromFile(char *szFilename,
LPOVERLAPPED_COMPLETION_ROUTINE func) {char *szFilename改为CString szFilename合适一些
The main security flaw is that the routine calls ReadFileEx() using overlapped I/O with an asynchronous completion routine, but the buffer provided is on the stack.
In the general case, the function will have returned before the ReadFileEx() call completes, and the buffer that data is written into will quite possibly or probably be part of the stack frame of another function. Buffers used for async I/O need to be allocated from the heap. URL:
http://msdn.microsoft.com/visualc/default.aspx?pull=/library/en-us/dncode/html/secure03102004.asp
不知道是否是这样的,呵呵