Index: /trunk/src/VBox/Main/include/GuestDnDPrivate.h
===================================================================
--- /trunk/src/VBox/Main/include/GuestDnDPrivate.h	(revision 58231)
+++ /trunk/src/VBox/Main/include/GuestDnDPrivate.h	(revision 58232)
@@ -596,4 +596,7 @@
             return VINF_SUCCESS;
         }
+
+        if (!RTStrIsValidEncoding(pszList))
+            return VERR_INVALID_PARAMETER;
 
         RTCList<RTCString> lstURIOrg = RTCString(pszList, cbList).split("\r\n");
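Review bot: The added `RTStrIsValidEncoding(pszList)` scans until it finds a NUL terminator and never looks at `cbList`, while the very next statement builds the string from `pszList` bounded by `cbList`. If the buffer is not terminated within `cbList` bytes (not verifiable from this hunk), the validation reads past the data it is meant to vet. The length-bounded form keeps the check inside the buffer: `if (RT_FAILURE(RTStrValidateEncodingEx(pszList, cbList, 0 /*fFlags*/))) return VERR_INVALID_PARAMETER;`. The same applies to both `RTStrIsValidEncoding(pCBData->pszFormat)` calls in GuestDnDPrivate.cpp, where the just range-checked `pCBData->cbFormat` could be passed together with `RTSTR_VALIDATE_ENCODING_ZERO_TERMINATED`. The enclosing function starts and ends outside the hunk.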
Index: /trunk/src/VBox/Main/src-client/GuestDnDPrivate.cpp
===================================================================
--- /trunk/src/VBox/Main/src-client/GuestDnDPrivate.cpp	(revision 58231)
+++ /trunk/src/VBox/Main/src-client/GuestDnDPrivate.cpp	(revision 58232)
@@ -388,6 +388,11 @@
             AssertReturn(DragAndDropSvc::CB_MAGIC_DND_HG_REQ_DATA == pCBData->hdr.u32Magic, VERR_INVALID_PARAMETER);
 
-            if (   pCBData->cbFormat == 0
-                || pCBData->cbFormat > _64K) /** @todo Make this configurable? */
+            if (   pCBData->cbFormat  == 0
+                || pCBData->cbFormat  > _64K /** @todo Make this configurable? */
+                || pCBData->pszFormat == NULL)
+            {
+                rc = VERR_INVALID_PARAMETER;
+            }
+            else if (!RTStrIsValidEncoding(pCBData->pszFormat))
             {
                 rc = VERR_INVALID_PARAMETER;
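Review bot: The new `if` / `else if` pair assigns the same `VERR_INVALID_PARAMETER` in both branches, as far as the hunk shows (the `else if` body continues outside it), so the split only adds duplication. Because `||` short-circuits, the encoding test can be the last operand after the NULL check: `|| pCBData->pszFormat == NULL` followed by `|| !RTStrIsValidEncoding(pCBData->pszFormat))`. The CB_MAGIC_DND_GH_ACK_PENDING hunk below repeats the identical block, so a small shared helper for validating the format string would keep the two callbacks from drifting apart.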
@@ -427,6 +432,11 @@
             AssertReturn(DragAndDropSvc::CB_MAGIC_DND_GH_ACK_PENDING == pCBData->hdr.u32Magic, VERR_INVALID_PARAMETER);
 
-            if (   pCBData->cbFormat == 0
-                || pCBData->cbFormat > _64K) /** @todo Make the maximum size configurable? */
+            if (   pCBData->cbFormat  == 0
+                || pCBData->cbFormat  > _64K /** @todo Make the maximum size configurable? */
+                || pCBData->pszFormat == NULL)
+            {
+                rc = VERR_INVALID_PARAMETER;
+            }
+            else if (!RTStrIsValidEncoding(pCBData->pszFormat))
             {
                 rc = VERR_INVALID_PARAMETER;
