[Bug 46661] ISF_Desktop_fnGetDisplayNameOf function missing check for string variable This- >sPathTarget before copy it

[wine-bugs at winehq.org]

https://bugs.winehq.org/show_bug.cgi?id=46661

Zebediah Figura <z.figura12 at gmail.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|RESOLVED                    |CLOSED

--- Comment #12 from Zebediah Figura <z.figura12 at gmail.com> ---
(In reply to ossecurity from comment #11)
> Yes, that can cause application crash and this crash is a behaviour of Win32
> application. However, the missing check in ISF_Desktop_fnGetDisplayNameOf is
> the behaviour of wine.
> 
> It will be clearer to judge this bug if we focus on the behaviour mismatch.
> As hooking is supported function in windows, a prepared Win32
> Application(DoInjection.exe) doesn't crash in Windows(I verify it on Win 7),
> but it crash in wine. It seems Win7 has added sufficient
> checks(sanitizations or authority checks), however, wine doesn't.

You're also assuming that Windows has the same struct layout as Wine, which it
almost certainly doesn't. Only behaviour differences that affect real
applications are worth fixing.

There is no real reason to check for NULL here. It doesn't matter whose
"behaviour" the code is. The contract internal to the Wine code is that the
variable is valid from the moment the struct is allocated, not that it is valid
if and only if it is non-NULL.

-- 
Do not reply to this email, post in Bugzilla using the
above URL to reply.
You are receiving this mail because:
You are watching all bug changes.