[Bug 20860] Read buffer overflow in INTERNET_SendCallback in wininet... calling strlen on non-nul-terminated buffer?
wine-bugs at winehq.org
wine-bugs at winehq.org
Thu Dec 3 20:19:43 CST 2009
http://bugs.winehq.org/show_bug.cgi?id=20860
--- Comment #1 from Juan Lang <juan_lang at yahoo.com> 2009-12-03 20:19:42 ---
The error is in the caller, which is passing too short a buffer. I'll send a
patch for this error, but others remain, especially in ftp.c. Here's one:
SendAsyncCallback(&hIC->hdr, dwContext,
INTERNET_STATUS_CONNECTED_TO_SERVER,
&socketAddr, sock_namelen);
Note that utility.c assumes the lpvStatusInfo is a wide string, not a socket
address. Unless FTP cannot be used in async mode (I don't really know), this
is clearly bogus.
--
Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email
Do not reply to this email, post in Bugzilla using the
above URL to reply.
------- You are receiving this mail because: -------
You are watching all bug changes.
More information about the wine-bugs
mailing list