ntdll: Fix RtlIntegerToUnicodeString so it won't overflow

Alexandre Julliard julliard at winehq.org
Thu May 8 15:24:34 CDT 2008


"Maarten Lankhorst" <m.b.lankhorst at gmail.com> writes:

> It copies str->Length + sizeof(WCHAR) to the destination buffer
> according to James' testcases. So it definitely looks like a bug to me
> if it would copy data beyond MaximumLength, since only up to
> MaximumLength is guaranteed to be allocated. Of course you're right
> that my fix is likely wrong, the >= max should probably be changed to > max,
> otherwise it would return STATUS_BUFFER_OVERFLOW wrongly.

And that's exactly what the existing code is doing (except if
MaximumLength is odd but that makes no sense for a WCHAR buffer).

-- 
Alexandre Julliard
julliard at winehq.org
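
The boundary condition discussed in this thread, as an added example (not Wine's code and not part of either message): a simplified, decimal-only model in which `struct ustr`, `int_to_ustr`, `try_convert` and the two `overflows_*` helpers are hypothetical names. It compares a `Length >= MaximumLength` check with the `Length + sizeof(WCHAR) > MaximumLength` form, including the odd `MaximumLength` case.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

typedef uint16_t wchar16;   /* stand-in for WCHAR (assumption: 2 bytes) */
struct ustr { uint16_t length; uint16_t maximum_length; wchar16 *buffer; };
enum { OK = 0, BUFFER_OVERFLOW = 1 };

/* Two spellings of the bounds check; lengths are in bytes. */
int overflows_ge(size_t length, size_t max)  { return length >= max; }
int overflows_sum(size_t length, size_t max) { return length + sizeof(wchar16) > max; }

/* Format value in decimal, then copy length + terminator only if it fits. */
int int_to_ustr(uint32_t value, struct ustr *str)
{
    wchar16 tmp[11], *pos = &tmp[10];   /* 10 digits + terminator */
    size_t length;

    *pos = 0;
    do { *--pos = (wchar16)('0' + value % 10); value /= 10; } while (value);
    length = (size_t)(&tmp[10] - pos) * sizeof(wchar16);
    if (overflows_sum(length, str->maximum_length)) return BUFFER_OVERFLOW;
    memcpy(str->buffer, pos, length + sizeof(wchar16));
    str->length = (uint16_t)length;
    return OK;
}

/* Run the conversion with max_bytes (<= 32) allocated; -1 if bytes past it changed. */
int try_convert(uint32_t value, uint16_t max_bytes)
{
    wchar16 backing[16];
    struct ustr s = { 0, max_bytes, backing };
    int status;
    size_t i;

    memset(backing, 0xAA, sizeof(backing));        /* canary pattern */
    status = int_to_ustr(value, &s);
    for (i = max_bytes; i < sizeof(backing); i++)
        if (((unsigned char *)backing)[i] != 0xAA) return -1;
    return status;
}

int main(void)
{
    /* "1234" is 8 bytes of text plus a 2-byte terminator. */
    printf("max=10: %d  max=8: %d  max=9: %d\n",
           try_convert(1234, 10), try_convert(1234, 8), try_convert(1234, 9));
    printf("odd max=9: >= says %d, sum says %d\n", overflows_ge(8, 9), overflows_sum(8, 9));
    return 0;
}
```

For every even `maximum_length` the two checks give the same answer; they differ only when it is odd, where the `>=` form would let the terminator's second byte land one byte past the allocation.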


