dmband: Indirection levels fix
Robert Shearman
rob at codeweavers.com
Thu Feb 21 10:22:19 CST 2008
Andrew Talbot wrote:
> diff --git a/dlls/dmband/band.c b/dlls/dmband/band.c
> index 891fb5a..8b89573 100644
> --- a/dlls/dmband/band.c
> +++ b/dlls/dmband/band.c
> @@ -173,7 +173,7 @@ static HRESULT WINAPI IDirectMusicBandImpl_IDirectMusicObject_SetDescriptor (LPD
> This->pDesc->ftDate = pDesc->ftDate;
> if (pDesc->dwValidData & DMUS_OBJ_MEMORY) {
> This->pDesc->llMemLength = pDesc->llMemLength;
> - memcpy (This->pDesc->pbMemData, pDesc->pbMemData, sizeof (pDesc->pbMemData));
> + memcpy (&This->pDesc->pbMemData, &pDesc->pbMemData, sizeof (pDesc->pbMemData));
> }
> if (pDesc->dwValidData & DMUS_OBJ_STREAM) {
> /* according to MSDN, we copy the stream */
This isn't correct. Judging by the surrounding code, this should be
allocating a block of memory of This->pDesc->pbMemData and then passing
pDesc->llMemLength into memcpy, possibly validating that
pDesc->llMemLength isn't greater than UINT_MAX to avoid an overflow.
--
Rob Shearman
More information about the wine-devel
mailing list