[Bug 37953] New: stack overwrite in msvcrt functions

wine-bugs at winehq.org
Fri Jan 23 10:28:29 CST 2015


https://bugs.winehq.org/show_bug.cgi?id=37953

            Bug ID: 37953
           Summary: stack overwrite in msvcrt functions
           Product: Wine
           Version: 1.7.34
          Hardware: x86
                OS: Linux
            Status: UNCONFIRMED
          Severity: major
          Priority: P2
         Component: msvcrt
          Assignee: wine-bugs at winehq.org
          Reporter: orion at cora.nwra.com
      Distribution: ---

Created attachment 50562
  --> https://bugs.winehq.org/attachment.cgi?id=50562
buffer length patch

On Fedora, which is compiled with -fstack-protector-strong, I was seeing:

trace:msvcrt:pf_printf_w Format is: L"\3577\6000\357e\6000\12d0\7704\eac4i\b53ci"
trace:msvcrt:_lock (29)
*** stack smashing detected ***: /export/home/orion/.wine/drive_c/Program Files/Adobe/Reader 10.0/Reader/AcroRd32.exe terminated
======= Backtrace: =========
/lib/libc.so.6(+0x4fd49ad9)[0xf73fdad9]
/lib/libc.so.6(__fortify_fail+0x37)[0xf749c3d7]
/lib/libc.so.6(+0x4fde839a)[0xf749c39a]
/lib/wine/msvcr90.dll.so(+0x893f4)[0xf6e423f4]
/lib/wine/msvcr90.dll.so(+0x453a5)[0xf6dfe3a5]
/lib/wine/msvcr90.dll.so(+0x4547f)[0xf6dfe47f]
/lib/wine/msvcr90.dll.so(+0x81e69)[0xf6e3ae69]
/lib/wine/msvcr90.dll.so(MSVCRT_vfwprintf_s+0x7e)[0xf6e00fae]
/lib/wine/msvcr90.dll.so(MSVCRT_vwprintf_s+0x35)[0xf6e01205]
/lib/wine/msvcr90.dll.so(MSVCRT_wprintf_s+0x28)[0xf6e01828]

The attached patch fixes this by synchronizing the expected buffer length for
MSVCRT__wctomb().

-- 
Do not reply to this email, post in Bugzilla using the
above URL to reply.
You are receiving this mail because:
You are watching all bug changes.
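
The class of defect reported above, a caller and a wctomb-style routine disagreeing on how many bytes the destination holds, shown as an added example that is neither Wine's code nor the attached patch. The names bounded_wctomb, CONV_MAX_BYTES and short_buffer_is_safe are hypothetical, and UTF-8 is assumed as the multibyte encoding.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define CONV_MAX_BYTES 4 /* one shared constant for the longest output */

/* Hypothetical wctomb-style conversion to UTF-8 (not Wine code).
 * Returns the byte count, or -1 if wc is invalid or dst is too small.
 * dst is left untouched on failure. */
int bounded_wctomb(char *dst, size_t dstlen, uint32_t wc)
{
    unsigned char tmp[CONV_MAX_BYTES];
    size_t n;
    if (wc > 0x10FFFF || (wc >= 0xD800 && wc <= 0xDFFF)) return -1;
    if (wc < 0x80) {
        tmp[0] = (unsigned char)wc;
        n = 1;
    } else if (wc < 0x800) {
        tmp[0] = (unsigned char)(0xC0 | (wc >> 6));
        tmp[1] = (unsigned char)(0x80 | (wc & 0x3F));
        n = 2;
    } else if (wc < 0x10000) {
        tmp[0] = (unsigned char)(0xE0 | (wc >> 12));
        tmp[1] = (unsigned char)(0x80 | ((wc >> 6) & 0x3F));
        tmp[2] = (unsigned char)(0x80 | (wc & 0x3F));
        n = 3;
    } else {
        tmp[0] = (unsigned char)(0xF0 | (wc >> 18));
        tmp[1] = (unsigned char)(0x80 | ((wc >> 12) & 0x3F));
        tmp[2] = (unsigned char)(0x80 | ((wc >> 6) & 0x3F));
        tmp[3] = (unsigned char)(0x80 | (wc & 0x3F));
        n = 4;
    }
    if (dst == NULL || n > dstlen) return -1; /* caller's length decides */
    memcpy(dst, tmp, n);
    return (int)n;
}

/* Caller with a 2-byte buffer followed by guard bytes: returns 1 when the
 * guard is intact and the result respects the buffer size. */
int short_buffer_is_safe(uint32_t wc)
{
    struct { char buf[2]; unsigned char guard[4]; } s = { {0, 0}, {0xA5, 0xA5, 0xA5, 0xA5} };
    int r = bounded_wctomb(s.buf, sizeof s.buf, wc);
    size_t i;
    for (i = 0; i < sizeof s.guard; i++)
        if (s.guard[i] != 0xA5) return 0;
    return r <= (int)sizeof s.buf;
}
```

Passing sizeof of the real destination at every call site, and sizing full-width buffers from the same constant the converter uses, keeps the two sides from drifting apart.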


