WoW crashes in 'wine_cp_mbstowcs' under certain circumstances.

Tomas Carnecky tom at dbservice.com
Mon Apr 17 13:23:17 CDT 2006


Jesse Allen wrote:
> On 4/17/06, Tomas Carnecky <tom at dbservice.com> wrote:
>> Jesse Allen wrote:
>>> On 4/17/06, Tomas Carnecky <tom at dbservice.com> wrote:
>>>> Wine doesn't crash in this function, sorry, it's a bug in pf_vsnprintf()
>>>> which causes snprintf() to write beyond the end of the buffer.
>>>>
>>>> I've attached a patch that fixes it for me, but it's probably better not
>>>> to create such large buffers on the stack.
>>>> Anyone with a better fix?
>>>>
>>> I think the patch breaks printing fields larger than 400. I think the
>>> existing code should have been able to handle very large fields by
>>> allocating the memory to do it. I think more investigation is needed.
>>>
>> I thought that, too, but 'flags.FieldLength' was always zero, so the
>> function always used the 40-character buffer.
>>
> In the case that it is specified greater than 400, it will break.
> 

What makes you think so? Sure, the string buffer in the msvcrt test
application isn't big enough to hold a 500 character string, but when I
increase it, it works fine.

tom
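
The buffer-sizing question in this thread, as an added example that is not part of the original messages and is not Wine's pf_vsnprintf() code: measure the formatted length first, use a small stack buffer only when the result fits, and allocate otherwise. The helper name `format_field` and the 40-byte `SMALL_BUF` are assumptions chosen for illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Assumed size, echoing the small fixed buffer mentioned in the thread. */
#define SMALL_BUF 40

/* Hypothetical helper: format `value` right-aligned in `width` columns.
 * Returns `small` when the result fits there, otherwise a heap block that
 * is also stored in *heap (caller frees). Returns NULL on error. */
static char *format_field(char small[SMALL_BUF], char **heap,
                          int width, int precision, double value)
{
    int need;
    size_t size;
    char *dst = small;

    *heap = NULL;

    /* With a size of 0, snprintf writes nothing and returns the length
     * the full output would have, excluding the terminating NUL. */
    need = snprintf(NULL, 0, "%*.*f", width, precision, value);
    if (need < 0)
        return NULL;
    size = (size_t)need + 1;

    /* The field width is caller-controlled, so it decides the buffer,
     * not the other way round. */
    if (size > SMALL_BUF) {
        dst = *heap = malloc(size);
        if (!dst)
            return NULL;
    }

    /* Pass the real capacity of dst so the write is always bounded. */
    snprintf(dst, size, "%*.*f", width, precision, value);
    return dst;
}

int main(void)
{
    char small[SMALL_BUF], *heap;
    char *s = format_field(small, &heap, 500, 2, 3.5); /* constructed input */
    if (!s)
        return 1;
    printf("len=%zu heap=%s\n", strlen(s), heap ? "yes" : "no");
    free(heap);
    return 0;
}
```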


