From 20092245c9f55409821acf2c16caca99d819c734 Mon Sep 17 00:00:00 2001
From: "seer-by-sentry[bot]" <157164994+seer-by-sentry[bot]@users.noreply.github.com>
Date: Thu, 7 May 2026 21:26:33 +0000
Subject: [PATCH] bugfix(system): Prevent buffer overflows and uninitialized memory in stack dump and exception handling
---
 Core/Libraries/Source/WWVegas/WWLib/Except.cpp | 4 ++--
 Generals/Code/GameEngine/Source/Common/System/StackDump.cpp | 4 ++--
 GeneralsMD/Code/GameEngine/Source/Common/System/StackDump.cpp | 4 ++--
 3 files changed, 6 insertions(+), 6 deletions(-)
diff --git a/Core/Libraries/Source/WWVegas/WWLib/Except.cpp b/Core/Libraries/Source/WWVegas/WWLib/Except.cpp
index 82b8c2ca28e..b719ddcc44b 100644
--- a/Core/Libraries/Source/WWVegas/WWLib/Except.cpp
+++ b/Core/Libraries/Source/WWVegas/WWLib/Except.cpp
@@ -355,7 +355,7 @@ void Dump_Exception_Info(EXCEPTION_POINTERS *e_info)
 /*
 ** Scrap buffer for constructing dump strings
 */
- char scrap [256];
+ char scrap [256] = {};
 /*
 ** Clear out the dump buffer
@@ -660,7 +660,7 @@ void Dump_Exception_Info(EXCEPTION_POINTERS *e_info)
 ** Dump the bytes at EIP. This will make it easier to match the crash address with later versions of the game.
 */
 DebugString("EIP bytes dump...\n");
- sprintf(scrap, "\r\nBytes at CS:EIP (%08X) : ", context->Eip);
+ snprintf(scrap, ARRAY_SIZE(scrap), "\r\nBytes at CS:EIP (%08X) : ", context->Eip);
 unsigned char *eip_ptr = (unsigned char *) (context->Eip);
 char bytestr[32];
diff --git a/Generals/Code/GameEngine/Source/Common/System/StackDump.cpp b/Generals/Code/GameEngine/Source/Common/System/StackDump.cpp
index 85ed379b3a3..ebebbf676b2 100644
--- a/Generals/Code/GameEngine/Source/Common/System/StackDump.cpp
+++ b/Generals/Code/GameEngine/Source/Common/System/StackDump.cpp
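Review bot: In the second Except.cpp hunk (Dump_Exception_Info, around line 660), the call converted to `snprintf(scrap, ARRAY_SIZE(scrap), ...)` was the one write into `scrap` that could not overflow, since the format expands to a fixed prefix plus eight hex digits, far below 256 bytes. The code that walks `eip_ptr` and fills `bytestr[32]` starts on the hunk's last two lines and continues outside it, so the hunk does not show whether those appends are bounded; if they still use `sprintf` or `strcat`, they are the writes that need a size argument. `bytestr` also stays uninitialized while `scrap` now gets `= {}`; `char bytestr[32] = {};` would keep the two buffers consistent.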
@@ -608,7 +608,7 @@ void DumpExceptionInfo( unsigned int u, EXCEPTION_POINTERS* e_info )
 /*
 ** Dump the bytes at EIP. This will make it easier to match the crash address with later versions of the game.
 */
- char scrap[512];
+ char scrap[512] = {};
 DOUBLE_DEBUG ( ("EIP bytes dump..."));
 wsprintf (scrap, "\nBytes at CS:EIP (%08X) : ", context->Eip);
@@ -619,7 +619,7 @@ void DumpExceptionInfo( unsigned int u, EXCEPTION_POINTERS* e_info )
 {
 if (IsBadReadPtr(eip_ptr, 1))
 {
- lstrcat (scrap, "?? ");
+ strlcat(scrap, "?? ", ARRAY_SIZE(scrap));
 }
 else
 {
diff --git a/GeneralsMD/Code/GameEngine/Source/Common/System/StackDump.cpp b/GeneralsMD/Code/GameEngine/Source/Common/System/StackDump.cpp
index 19d28dfc4d4..67e9e3f5221 100644
--- a/GeneralsMD/Code/GameEngine/Source/Common/System/StackDump.cpp
+++ b/GeneralsMD/Code/GameEngine/Source/Common/System/StackDump.cpp
@@ -608,7 +608,7 @@ void DumpExceptionInfo( unsigned int u, EXCEPTION_POINTERS* e_info )
 /*
 ** Dump the bytes at EIP. This will make it easier to match the crash address with later versions of the game.
 */
- char scrap[512];
+ char scrap[512] = {};
 DOUBLE_DEBUG ( ("EIP bytes dump..."));
 wsprintf (scrap, "\nBytes at CS:EIP (%08X) : ", context->Eip);
@@ -619,7 +619,7 @@ void DumpExceptionInfo( unsigned int u, EXCEPTION_POINTERS* e_info )
 {
 if (IsBadReadPtr(eip_ptr, 1))
 {
- lstrcat (scrap, "?? ");
+ strlcat(scrap, "?? ", ARRAY_SIZE(scrap));
 }
 else
 {
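Review bot: `wsprintf (scrap, ...)`, two lines below the new `char scrap[512] = {};` in Generals/.../StackDump.cpp (hunk at 608), still takes no buffer size, while the equivalent call in Except.cpp is converted to `snprintf` by this same patch. The output is short, so this is a consistency gap rather than an overflow, but `snprintf(scrap, ARRAY_SIZE(scrap), "\nBytes at CS:EIP (%08X) : ", context->Eip);` would leave no unsized write to `scrap` in this block. The zero-initialisation is overwritten immediately by that call, so it only helps if a later edit moves the first write. The identical hunk at 608 in GeneralsMD/.../StackDump.cpp has the same gap.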
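Review bot: Only the `"?? "` branch in Generals/.../StackDump.cpp (hunk at 619) is switched to `strlcat(scrap, "?? ", ARRAY_SIZE(scrap))`; the `else` branch opens on the hunk's last lines and its body is outside the hunk, so if it still appends with `lstrcat`, `scrap` is bounded on one path only. The patch changes two lines per file and adds no `#include`, so `strlcat` (not provided by Win32 or the MSVC CRT) and `ARRAY_SIZE` must already be declared in this translation unit, which is worth confirming for both StackDump.cpp copies. `strlcat` truncates silently, so a comment such as `// truncation is acceptable: dump text is best-effort` would record that the return value is ignored on purpose. The identical hunk at 619 in GeneralsMD/.../StackDump.cpp raises the same points.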