[Bug 45105] heap-buffer overflow in gdi32
wine-bugs at winehq.org
wine-bugs at winehq.org
Tue May 8 10:39:52 CDT 2018
https://bugs.winehq.org/show_bug.cgi?id=45105
Vincent Povirk <madewokherd at gmail.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |madewokherd at gmail.com
--- Comment #1 from Vincent Povirk <madewokherd at gmail.com> ---
Lack of bounds checking is a more general problem in PlayEnhMetaFileRecord. We
don't check that the record itself is large enough for all its fields, or that
other variable-length fields fit.
I think it might be better to do the bounds checking in EnumEnhMetaFile. It's
unreasonable to expect individual applications to do exhaustive bounds checking
in their own enum callbacks.
--
Do not reply to this email, post in Bugzilla using the
above URL to reply.
You are receiving this mail because:
You are watching all bug changes.
More information about the wine-bugs
mailing list