Home/ Questions/Q 6322105
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-24T16:16:08+00:00

getmodulefilenamew function produces false positive (buffer overflow) as it accepts second argument as buffer

  • 0

getmodulefilenamew function produces false positive (buffer overflow) as it accepts second argument as buffer – of fixed size in our case.

But looking through its documentation: http://msdn.microsoft.com/en-us/library/ms683197%28v=vs.85%29.aspx

Quote: If the buffer is too small to hold the module name, the string is truncated to nSize characters including the terminating null character, the function returns nSize, and the function sets the last error to ERROR_INSUFFICIENT_BUFFER.

Can somebody as trusted third party person confirm or reject this issue as false positive. Thanks for your help!

===

HMODULE applicationModule = GetModuleHandleW(NULL);
WCHAR processName[MAX_PATH];
memset(processName, 0, sizeof(processName));
GetModuleFileNameW(applicationModule, processName, sizeof(processName));

===

The problem is line with GetModuleFileNameW function

Scan was provided by Veracode static analyzer.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    Your problem is that you are passing an incorrect value for nSize. You are passing the number of bytes but you should be passing the number of characters, MAX_PATH. These values differ because a wide character has a size of 2 bytes.

    So, yes there is an error in your code. If the module name is sufficiently long, Windows will attempt to write up to 520 characters to a buffer that only has room for 260.

    • 0