PATCH: 1 byte overflow in msvcrt sprintf
Marcus Meissner
meissner at suse.de
Sat Jul 2 03:17:34 CDT 2005
Hi,
Found by redhat fortify extensions.
Ciao, Marcus
Changelog:
char pointer must be 11 byte to fit 10 characters + \0.
Index: dlls/msvcrt/wcs.c
===================================================================
RCS file: /home/wine/wine/dlls/msvcrt/wcs.c,v
retrieving revision 1.24
diff -u -r1.24 wcs.c
--- dlls/msvcrt/wcs.c 10 May 2005 08:27:38 -0000 1.24
+++ dlls/msvcrt/wcs.c 2 Jul 2005 08:15:33 -0000
@@ -553,7 +553,7 @@
/* output a pointer */
else if( flags.Format == 'p' )
{
- char pointer[10];
+ char pointer[11];
flags.PadZero = 0;
if( flags.Alternate )
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://www.winehq.org/pipermail/wine-patches/attachments/20050702/34b2a83e/attachment.pgp
More information about the wine-patches
mailing list