[Take 2] winex11.drv: Fix buffer overflow bug in X11DRV_KeyEvent()and X11DRV_ToUnicodeEx()
Dmitry Timoshkov
dmitry at codeweavers.com
Tue Aug 26 21:25:25 CDT 2008
"Muneyuki Noguchi" <nogu.dev at gmail.com> wrote:
>> I'd suggest to have an initial buffer of 64 bytes allocated on the stack,
>> and allocate a larger buffer only if required. That improves performance.
>
> lpChar and Str are referenced after XmbLookupString() or XLookupString()
> is called. If both a buffer on stack and a buffer on heap can be created,
> every time the buffer is referenced, I need to check whether the used buffer
> is one on stack or not:
>
> if (isStack) {
> lpChar[0] = 0;
> } else {
> lpChar2[0] = 0;
> }
>
> This implementation is ugly and won't improve performance so much.
You only need to check if an actually used string buffer point to
the stack buffer before HeapFree().
char Str[64];
char *ptr = Str;
required_size = 64;
[get actual required_size]
if (required_size > 64)
ptr = HeapAlloc(required_size);
[use ptr for the work]
if (ptr != Str)
HeapFree(ptr);
--
Dmitry.
More information about the wine-devel
mailing list