[Bug 46661] ISF_Desktop_fnGetDisplayNameOf function missing check for string variable This- >sPathTarget before copy it
wine-bugs at winehq.org
wine-bugs at winehq.org
Mon Feb 18 22:01:14 CST 2019
https://bugs.winehq.org/show_bug.cgi?id=46661
--- Comment #4 from ossecurity <ossecurity at iscas.ac.cn> ---
Created attachment 63633
--> https://bugs.winehq.org/attachment.cgi?id=63633
README file with instruction to trigger it.
This hook program example, is for a missing check of 'This->sPathTarget' in
function 'ISF_Desktop_fnGetDisplayNameOf'.
[https://bugs.winehq.org/show_bug.cgi?id=46661]
It seems that this bug exists in all wine version till today(2019.2.19).
The errorlog.txt is generated under Debian Linux i386 environment and with
wine-2.0.2.
Steps to run this test example.
1.Extract this zip file to (e.g~/example).
2*(optional).Put the explorer.exe into the bin directory(e.g ~/example/bin).
Tip: you can replace it with your own. Find it from wine PREFIX directory.
[e.g.
~/.wine/drive_c/windows/system32/explorer.exe
~/.wine/drive_c/windows/explorer.exe]
3.Change to that directory and run DoInjection.exe by wine
$ cd ~/example/bin
$ wine ./DoInjection.exe
$ ^C
(Ctrl+C stop it, but not stop wineserver)
$ wine ./DoInjection.exe
(the second run will trigger the bug)
--
Do not reply to this email, post in Bugzilla using the
above URL to reply.
You are receiving this mail because:
You are watching all bug changes.
More information about the wine-bugs
mailing list