msdmo: Array parameter is passed to function as pointer so loses size information

Robert Shearman rob at codeweavers.com
Wed Apr 9 08:39:50 CDT 2008


Andrew Talbot wrote:
> @@ -291,8 +291,9 @@ lend:
>   *
>   * Get DMP Name from the registry
>   */
> -HRESULT WINAPI DMOGetName(REFCLSID clsidDMO, WCHAR szName[80])
> +HRESULT WINAPI DMOGetName(REFCLSID clsidDMO, WCHAR szName[])
>  {
> +#define NAME_SIZE   80  /* Size of szName[] */
>      WCHAR szguid[64];
>      HRESULT hres;
>      HKEY hrkey = 0;
> @@ -311,7 +312,7 @@ HRESULT WINAPI DMOGetName(REFCLSID clsidDMO, WCHAR szName[80])
>      if (ERROR_SUCCESS != hres)
>          goto lend;
>  
> -    count = sizeof(szName);
> +    count = NAME_SIZE;
>      hres = RegQueryValueExW(hkey, NULL, NULL, NULL, 
>          (LPBYTE) szName, &count); 
>   

This is incorrect. count is the size in bytes of the buffer passed in 
(szName) and so should be sizeof(szName) not 
sizeof(szName)/sizeof(szName[0]) (i.e. 80).

I see this patch has already been committed, so 
a9200b24014607c4c82fb052b97de88daa804a81 should be reverted.

If you want to pick up errors like passing the wrong size into functions 
then I would suggest using an automatic checker that is able to use 
semantic information, like Microsoft's PREfast.

-- 
Rob Shearman




More information about the wine-devel mailing list