[Bug 49396] New: winedump crashes parsing the helpstring for sltg tlb file
WineHQ Bugzilla
wine-bugs at winehq.org
Tue Jun 16 08:18:12 CDT 2020
https://bugs.winehq.org/show_bug.cgi?id=49396
Bug ID: 49396
Summary: winedump crashes parsing the helpstring for sltg tlb file
Product: Wine
Version: 5.10
Hardware: x86
OS: Linux
Status: NEW
Severity: normal
Priority: P2
Component: -unknown
Assignee: wine-bugs at winehq.org
Reporter: infyquest at gmail.com
Distribution: ---
Created attachment 67465
--> https://bugs.winehq.org/attachment.cgi?id=67465
tlb file
winedump crashes parsing the helpstring for an example sltg tlb file.
winedump: ../../../wine/tools/winedump/tlb.c:1199: decode_string: Assertion `strlen(buf) + strlen(p) + 1 <= buf_size' failed.
Complete output:
Contents of /home/vijay/dspcalc2.tlb: 3329 bytes
Header {
magic = 47544c53h
# file blocks = 6
pad = 000dh
size of index = 0035h
first block = 1
guid = {000204ff-0000-0000-c000-000000000046}
res1c = 00000034h
res20 = ffff0000h
}
Block entry 0 {
len = 000000cbh
index string = 2bh "8b09b0558"
next = 0002h
}
Block entry 1 {
len = 00000224h
index string = 21h "9b09b0558"
next = 0003h
}
Block entry 2 {
len = 00000104h
index string = 17h "ab09b0558"
next = 0004h
}
Block entry 3 {
len = 00000145h
index string = dh "bb09b0558"
next = 0005h
}
Block entry 4 {
len = 00000707h
index string = 9h "dir"
next = 0000h
}
index:
"\1CompObj"
"dir"
"bb09b0558"
"ab09b0558"
"9b09b0558"
"8b09b0558"
pad:
00000081: 00 00 00 00 00 00 00 00-00 00 36 28 50 ..........6(P
Block 0 {
magic = 0501h
href offset = ffffffffh
res06 = ffffffffh
member offset = 0x1e (+0x8e=0xac)
res0e = ffffffffh
version = 00000000h
res16 = ffff0001h
misc = 00020002h
misc: unknown1 02, flags 0000, unknown2 02, typekind 0 (TKIND_ENUM)
res1e = ffff0001h
member_header starts at 0xac, current offset = 0xb0
res00 = 6e01h
res02 = 0000h
res04 = 00h
extra = 00121a0ah
variable 0 {
000000b9: 64 00 00 00 56 00 00 00-00 40 fe ff ff ff 0a 1a
000000c9: 24 00
magic = 64h
flags = 00h
next offset = 0 (+0xb9=0xb9)
name = 0056h
oInst = 0000h
type offset = 0x4000 (+0xb9=0x40b9)
type:
type description starts at 0x40b9
ff80 | (127)
type description ends at 0x40b9
memid = fffffffeh
helpcontext = 1a0ah
helpstring offset = 0x24 (+0xb9=0xdd)
winedump: ../../../wine/tools/winedump/tlb.c:1199: decode_string: Assertion `strlen(buf) + strlen(p) + 1 <= buf_size' failed.
Aborted (core dumped)