kernel32: fix write buffer overrun in format_insertW
Dan Kegel
dank at kegel.com
Tue Dec 1 23:24:11 CST 2009
Buffer size should have been in bytes, not in chars. Fixes the error
Invalid write of size 2
at format_insertW (format_msg.c:361)
by FormatMessageW (format_msg.c:697)
by doitW (format_msg.c:49)
by test_message_from_string_wide (format_msg.c:211)
Address 0x7f0837ea is 0 bytes after a block of size 2 alloc'd
at RtlAllocateHeap (heap.c:1697)
by HeapAlloc (heap.c:276)
by format_insertW (format_msg.c:359)
by FormatMessageW (format_msg.c:697)
by doitW (format_msg.c:49)
by test_message_from_string_wide (format_msg.c:211)
seen in
http://kegel.com/wine/valgrind/logs/2009-11-30-19.16/vg-kernel32_format_msg.txt
-------------- next part --------------
A non-text attachment was scrubbed...
Name: format.patch
Type: text/x-patch
Size: 572 bytes
Desc: not available
URL: <http://www.winehq.org/pipermail/wine-patches/attachments/20091201/f5d2136d/attachment-0001.bin>
More information about the wine-patches
mailing list