[Bug 20850] New: Write buffer overflow in WidenPath()

wine-bugs at winehq.org wine-bugs at winehq.org
Fri Nov 27 20:33:52 CST 2009


http://bugs.winehq.org/show_bug.cgi?id=20850

           Summary: Write buffer overflow in WidenPath()
           Product: Wine
           Version: 1.1.33
          Platform: PC
        OS/Version: Linux
            Status: NEW
          Keywords: download, source, testcase
          Severity: normal
          Priority: P2
         Component: gdi32
        AssignedTo: wine-bugs at winehq.org
        ReportedBy: dank at kegel.com


http://kegel.com/wine/valgrind/logs/2009-11-19-08.35/vg-gdi32_path.txt
has the warning
 Invalid write of size 4
    at  PATH_WidenPath (path.c:1911)
    by  WidenPath (path.c:2232)
    by  test_widenpath (path.c:68)
    by  func_path (path.c:508)
    by  run_test (test.h:535)
    by  main (test.h:585)
  Address 0x7f03bb48 is 0 bytes after a block of size 0 alloc'd
    at  notify_alloc (heap.c:279)
    by  RtlAllocateHeap (heap.c:1521)
    by  PATH_WidenPath (path.c:1910)
    by  WidenPath (path.c:2232)
    by  test_widenpath (path.c:68)

The same problem appears in current sources, and has probably
been there since 2007.

Looking at WidenPath(), it seems that maybe numStrokes should
start at 1, not 0?

-- 
Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email
Do not reply to this email, post in Bugzilla using the
above URL to reply.
------- You are receiving this mail because: -------
You are watching all bug changes.
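
The failure pattern in the report (a block sized from a counter that starts at 0, followed by a pointer-sized store into slot 0) can be reproduced and guarded against as in the added example below. It is not part of the original report and is not Wine's source: stroke_table and its functions are hypothetical names, and the layout of the real PATH_WidenPath() code is assumed only as far as the Valgrind output and the numStrokes remark describe it.

```c
#include <stdio.h>
#include <stdlib.h>

/* Constructed model, not Wine source: a table of stroke pointers whose
 * allocation size is derived from a counter, as the report suggests. */
typedef struct {
    void **slots;     /* heap block holding one pointer per stroke */
    size_t capacity;  /* number of slots the block really has room for */
} stroke_table;

/* Allocate room for `count` pointers. count == 0 gives a zero-byte block,
 * which is a valid allocation but has no writable slot at all. */
static int stroke_table_init(stroke_table *t, size_t count)
{
    t->slots = malloc(count * sizeof(void *));
    if (!t->slots && count != 0) { t->capacity = 0; return -1; }
    t->capacity = count;
    return 0;
}

/* Bounds-checked store: -1 means the write would land past the end of the
 * block, which is the condition Valgrind reported as "Invalid write". */
static int stroke_table_set(stroke_table *t, size_t idx, void *stroke)
{
    if (idx >= t->capacity) return -1;
    t->slots[idx] = stroke;
    return 0;
}

/* Grow by one slot before storing, so block size and count never diverge. */
static int stroke_table_append(stroke_table *t, void *stroke)
{
    void **grown = realloc(t->slots, (t->capacity + 1) * sizeof(void *));
    if (!grown) return -1;
    t->slots = grown;
    t->slots[t->capacity++] = stroke;
    return 0;
}

int main(void)
{
    stroke_table t;
    int stroke = 0;  /* stand-in for a stroke object */

    stroke_table_init(&t, 0);  /* counter starts at 0, as in the report */
    printf("store into slot 0, count 0: %d\n", stroke_table_set(&t, 0, &stroke));
    printf("append first stroke:        %d\n", stroke_table_append(&t, &stroke));
    free(t.slots);
    return 0;
}
```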


