Rob Shearman : kernel32: Fix uninitialised memory read in GetPrivateProfileStringA if GetPrivateProfileStringW returns 0 .
Alexandre Julliard
julliard at winehq.org
Mon Nov 30 10:42:44 CST 2009
Module: wine
Branch: master
Commit: 47acaeaea81e566ea0c47dbc34e06acbf257037c
URL: http://source.winehq.org/git/wine.git/?a=commit;h=47acaeaea81e566ea0c47dbc34e06acbf257037c
Author: Rob Shearman <robertshearman at gmail.com>
Date: Sun Nov 29 10:34:19 2009 +0000
kernel32: Fix uninitialised memory read in GetPrivateProfileStringA if GetPrivateProfileStringW returns 0.
The buffer that was passed into the function will remain
uninitialised. Fix reading from this by only reading retW characters
from bufferW and manually nul-terminating the string.
---
dlls/kernel32/profile.c | 11 +++++------
1 files changed, 5 insertions(+), 6 deletions(-)
diff --git a/dlls/kernel32/profile.c b/dlls/kernel32/profile.c
index 5a9bd12..b5f7c0f 100644
--- a/dlls/kernel32/profile.c
+++ b/dlls/kernel32/profile.c
@@ -1173,14 +1173,13 @@ INT WINAPI GetPrivateProfileStringA( LPCSTR section, LPCSTR entry,
filenameW.Buffer);
if (len)
{
- ret = WideCharToMultiByte(CP_ACP, 0, bufferW, retW + 1, buffer, len, NULL, NULL);
- if (!ret)
+ if (retW)
{
- ret = len - 1;
- buffer[ret] = 0;
+ ret = WideCharToMultiByte(CP_ACP, 0, bufferW, retW, buffer, len - 1, NULL, NULL);
+ if (!ret)
+ ret = len - 1;
}
- else
- ret--; /* strip terminating 0 */
+ buffer[ret] = 0;
}
RtlFreeUnicodeString(§ionW);
More information about the wine-cvs
mailing list