[Bug 20851] New: Read buffer overflow in CombineRgn, triggered by imm32/tests/imm32.c
wine-bugs at winehq.org
wine-bugs at winehq.org
Fri Nov 27 20:51:34 CST 2009
http://bugs.winehq.org/show_bug.cgi?id=20851
Summary: Read buffer overflow in CombineRgn, triggered by
imm32/tests/imm32.c
Product: Wine
Version: 1.1.33
Platform: PC
OS/Version: Linux
Status: NEW
Keywords: download, source, testcase
Severity: normal
Priority: P2
Component: -unknown
AssignedTo: wine-bugs at winehq.org
ReportedBy: dank at kegel.com
http://kegel.com/wine/valgrind/logs/2009-11-18-21.51/vg-imm32_imm32.txt through
http://kegel.com/wine/valgrind/logs/2009-11-27-12.53/vg-imm32_imm32.txt
have the warning
Invalid read of size 4
at REGION_SubtractO (region.c:2219)
by REGION_RegionOp (region.c:1776)
by REGION_SubtractRegion (region.c:2258)
by CombineRgn (region.c:1376)
by NC_DoNCPaint (nonclient.c:1022)
by NC_HandleNCPaint (nonclient.c:1117)
by DEFWND_DefWinProc (defwnd.c:303)
by DefWindowProcA (defwnd.c:914)
by ??? (library.h:159)
by call_window_proc (winproc.c:469)
by WINPROC_CallProcWtoA (winproc.c:1279)
by WINPROC_call_window (winproc.c:2216)
by call_window_proc (message.c:1635)
by send_message (message.c:2482)
by SendMessageW (message.c:2605)
by send_ncpaint (painting.c:665)
by BeginPaint (painting.c:871)
by DEFWND_DefWinProc (defwnd.c:428)
by DefWindowProcA (defwnd.c:914)
by ??? (library.h:159)
Address 0x7f082810 is 0 bytes after a block of size 32 alloc'd
at notify_alloc (heap.c:247)
by RtlAllocateHeap (heap.c:1697)
by init_region (region.c:492)
by REGION_RegionOp (region.c:1666)
by REGION_UnionRegion (region.c:2094)
by REGION_UnionRectWithRegion (region.c:1260)
by ExtCreateRegion (region.c:1073)
by get_update_region (painting.c:549)
by send_ncpaint (painting.c:621)
by BeginPaint (painting.c:871)
by DEFWND_DefWinProc (defwnd.c:428)
by DefWindowProcA (defwnd.c:914)
by ??? (library.h:159)
by call_window_proc (winproc.c:469)
by WINPROC_call_window (winproc.c:2223)
by DispatchMessageA (message.c:3089)
by msg_spy_pump_msg_queue (imm32.c:81)
by msg_spy_flush_msgs (imm32.c:88)
by msg_spy_init (imm32.c:118)
by init (imm32.c:173)
This is likely a very old problem.
--
Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email
Do not reply to this email, post in Bugzilla using the
above URL to reply.
------- You are receiving this mail because: -------
You are watching all bug changes.
More information about the wine-bugs
mailing list