From cc90cd9341e193a3f405459f815b259dd2b328e0 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jurko=20Gospodneti=C4=87?= <jurko.gospodnetic@pke.hr>
Date: Tue, 19 Jun 2012 00:55:44 +0000
Subject: [PATCH] Added explicit checking for too long command-line arguments
 for running directly using the CreateProcessA() API.

[SVN r79000]
---
 v2/engine/execnt.c | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/v2/engine/execnt.c b/v2/engine/execnt.c
index 93bf1c470..a960f7c2d 100644
--- a/v2/engine/execnt.c
+++ b/v2/engine/execnt.c
@@ -445,6 +445,20 @@ void exec_cmd
         }
         string_copy( &cmdtab[ slot ].command, command_orig );
 
+        /* CreateProcessA() Windows API places a limit of 32768 characters
+         * (bytes) on the allowed command-line length, including a trailing
+         * Unicode (2-byte) nul-terminator character.
+         */
+        #define MAX_RAW_COMMAND_LENGTH 32766
+printf("...strlen:%d/%d...max:%d...\n", strlen(command_local.value), command_local.size, MAX_RAW_COMMAND_LENGTH);
+        if ( command_local.size > MAX_RAW_COMMAND_LENGTH )
+        {
+            printf( "Command line too long (%d characters). Maximum executable "
+                "command-line length is %d.", command_local.size,
+                MAX_RAW_COMMAND_LENGTH );
+            exit( EXITBAD );
+        }
+
         /* Create output buffers. */
         string_new( &cmdtab[ slot ].buffer_out );
         string_new( &cmdtab[ slot ].buffer_err );