ntdll: Fix two buffer overflow conditions in RtlDosPathNameToNtPathName_U.

Octavian Voicu octavian.voicu at gmail.com
Tue Sep 6 09:46:43 CDT 2011


On Tue, Sep 6, 2011 at 4:40 PM, Vitaliy Margolen
<wine-devel at kievinfo.com> wrote:
> The fix is not entirely correct. UNICODE_STRING does not have to have a
> terminating \0 character. The code should not use str* functions on not
> zero-terminated strings.

I was also unsure about this when coding the patch, but I read here [1] that:

"Specifies the length, in bytes, of the string pointed to by the
Buffer member, not including the terminating NULL character, if any."

So it's not a mistake to include a NULL character. I figured it's not
worth the trouble to change the last strcpy into memcpy, especially
because it could also be the case that it would introduce regressions
(in case some other code wrongly depends on that NULL).

Should I change the offending strcpyW to memcpy?

Octavian

[1] http://msdn.microsoft.com/en-us/library/aa380518(v=vs.85).aspx
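
Added example, not part of the original message or of Wine's code: a portable C sketch of the point under discussion, showing that a NUL scan and the `Length` field can disagree on the same buffer, and that a copy driven by `Length` works whether or not a terminator is present. The type `counted_ustr`, the functions `chars_until_nul`, `copy_counted` and `sample_prefix`, and the sample buffer are hypothetical names and constructed data.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

typedef uint16_t wchar16;   /* stand-in for WCHAR */
/* Hypothetical portable mirror of UNICODE_STRING; both lengths are in bytes. */
typedef struct {
    uint16_t Length;        /* bytes in use, terminator (if any) not counted */
    uint16_t MaximumLength; /* bytes allocated */
    wchar16 *Buffer;
} counted_ustr;

/* What a strlenW/strcpyW-style routine sees: it scans to the first NUL and
 * ignores Length. cap_chars keeps this demo inside the backing array. */
static size_t chars_until_nul(const wchar16 *p, size_t cap_chars)
{
    size_t n = 0;
    while (n < cap_chars && p[n] != 0) n++;
    return n;
}

/* Length-driven copy: memcpy exactly src->Length bytes, then terminate dst.
 * Returns chars copied, or -1 if dst cannot hold Length plus a terminator. */
static int copy_counted(wchar16 *dst, size_t dst_bytes, const counted_ustr *src)
{
    if (src->Length % sizeof(wchar16) != 0) return -1;
    if (dst_bytes < (size_t)src->Length + sizeof(wchar16)) return -1;
    memcpy(dst, src->Buffer, src->Length);
    dst[src->Length / sizeof(wchar16)] = 0;
    return (int)(src->Length / sizeof(wchar16));
}
/* Constructed sample: the counted string is only the first 6 chars. */
static wchar16 backing[] = { 'C',':','\\','d','i','r','\\','f','i','l','e',0 };
static counted_ustr sample_prefix(void)
{
    counted_ustr s = { (uint16_t)(6 * sizeof(wchar16)), (uint16_t)sizeof(backing), backing };
    return s;
}

int main(void)
{
    counted_ustr s = sample_prefix();
    wchar16 out[8];
    printf("Length: %u chars, NUL scan: %zu chars, counted copy: %d chars\n",
           (unsigned)(s.Length / sizeof(wchar16)),
           chars_until_nul(s.Buffer, 12), copy_counted(out, sizeof(out), &s));
    return 0;
}
```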


