[PATCH] msvcrt: fix character/byte confusion in buffer overflow branch
Max Kellermann
max at duempel.org
Tue May 7 10:54:49 CDT 2013
On 2013/05/07 17:46, Juan Lang <juan.lang at gmail.com> wrote:
> In general, I think you want to send this to wine-patches, not here.
True, I resent it to wine-patches yesterday already, when I noticed
that.
> > if(out->len < len) {
> > - memcpy(out->buf, str, out->len);
> > + memcpy(out->buf, str, out->len*sizeof(APICHAR));
> > out->buf += out->len;
> >
>
> If the memcpy was incorrect, the += is also incorrect. I'm not sure which
> is the case, but either way, your patch can't be correct as is.
Sure?
out->buf is an "APICHAR*" (see printf.h), and adding out->len advances
the pointer by "out->len * sizeof(APICHAR)" bytes.
Am I missing something?
Max
More information about the wine-devel
mailing list