Misc bugs found by using valgrind
Shachar Shemesh
wine-devel at shemesh.biz
Sun Sep 21 09:44:09 CDT 2003
Michael Günnewig wrote:
>Changelog:
> Fixed use of uninitialized memory and wrong buffersize (found by valgrind).
>
>
> Michael
>
>
>
>------------------------------------------------------------------------
>
>--- dlls/avifil32/api.c.SAV 2003-09-20 16:14:45.000000000 +0200
>+++ dlls/avifil32/api.c 2003-09-20 14:46:10.000000000 +0200
>@@ -1009,7 +1009,7 @@
> szFilter[0] = 0;
> szFilter[1] = 0;
>
>- wszFilter = (LPWSTR)GlobalAllocPtr(GHND, cbFilter);
>+ wszFilter = (LPWSTR)GlobalAllocPtr(GHND, cbFilter * sizeof(WCHAR));
> if (wszFilter == NULL)
> return AVIERR_MEMORY;
>
>
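Review bot: the new size expression "cbFilter * sizeof(WCHAR)" on the "+" line is computed without an overflow check, so a large enough cbFilter would wrap and the allocation would again be smaller than the code that fills wszFilter expects. Bound cbFilter before the multiply, for example by returning AVIERR_MEMORY (as the NULL check just below already does) when cbFilter exceeds the maximum allocation size divided by sizeof(WCHAR). The "cb" prefix also reads as a byte count while the fix treats cbFilter as a count of WCHARs; a short comment stating the unit would keep the two from being confused again.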
What are we doing to prevent integer overflow on these allocations?
Shouldn't we, perhaps, use some wrapper that checks that
"cbFilter*sizeof(WCHAR)" is not greater than "MAXINT"?
Shachar
--
Shachar Shemesh
Open Source integration consultant
Home page & resume - http://www.shemesh.biz/
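
The kind of wrapper asked about in the reply above, as an added example that is not part of the original mail or of Wine's code. It assumes a 16-bit stand-in type wchar16 for WCHAR, a hypothetical ALLOC_MAX limit, hypothetical function names, and portable calloc in place of GlobalAllocPtr so that it runs anywhere.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>

/* Assumption: a 16-bit character type standing in for WCHAR. */
typedef uint16_t wchar16;

/* Hypothetical upper bound, mirroring the "MAXINT" limit suggested in the mail. */
#define ALLOC_MAX ((size_t)INT32_MAX)

/* Store count * elem_size in *out; return 0 if the product would
 * wrap or exceed ALLOC_MAX, 1 otherwise. Division avoids the overflow
 * that the check is meant to detect. */
int checked_mul_size(size_t count, size_t elem_size, size_t *out)
{
    if (elem_size != 0 && count > ALLOC_MAX / elem_size)
        return 0;
    *out = count * elem_size;
    return 1;
}

/* Zero-initialised array allocation that fails instead of under-allocating. */
void *alloc_array(size_t count, size_t elem_size)
{
    size_t bytes;
    if (!checked_mul_size(count, elem_size, &bytes))
        return NULL;
    return calloc(1, bytes ? bytes : 1);
}

/* What the unchecked expression yields in 32-bit arithmetic (constructed demo). */
uint32_t unchecked_mul32(uint32_t count, uint32_t elem_size)
{
    return count * elem_size;   /* unsigned arithmetic wraps modulo 2^32 */
}

int main(void)
{
    wchar16 *buf = alloc_array(260, sizeof(wchar16));
    int ok = buf != NULL;
    free(buf);
    /* 0x80000001 elements of 2 bytes wrap to a 2-byte request if unchecked. */
    return (ok && unchecked_mul32(0x80000001u, 2) == 2
               && alloc_array(0x80000001u, sizeof(wchar16)) == NULL) ? 0 : 1;
}
```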