regedit: Need 3 bytes of room at end of buffer for \r\n\0 to avoid endless loop. (resend)
Sebastian Lackner
sebastian at fds-team.de
Wed Nov 25 22:22:40 CST 2015
From: Jiaxing Wang <hello.wjx at gmail.com>
Signed-off-by: Sebastian Lackner <sebastian at fds-team.de>
---
Without this fix regedit deadlocks when trying to import the following file: http://ix.io/j1Y
(md5sum: 6928e59d2c1a92666377a088a1523666)
programs/regedit/regproc.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/programs/regedit/regproc.c b/programs/regedit/regproc.c
index 643b559..2d766de 100644
--- a/programs/regedit/regproc.c
+++ b/programs/regedit/regproc.c
@@ -641,7 +641,7 @@ static void processRegLinesA(FILE *in, char* first_chars)
/* Do we need to expand the buffer ? */
assert (s >= line && s <= line + lineSize);
size_remaining = lineSize - (s-line);
- if (size_remaining < 2) /* room for 1 character and the \0 */
+ if (size_remaining < 3) /* need at least 3 bytes of room for \r\n\0 */
{
char *new_buffer;
size_t new_size = lineSize + REG_VAL_BUF_SIZE;
--
2.6.2
More information about the wine-patches
mailing list