msxml3: Prevent a crash at second call to vsnprintf
Nikolay Sivov
nsivov at codeweavers.com
Thu Mar 17 18:05:02 CDT 2011
On 3/18/2011 02:00, André Hentschel wrote:
> i did test that now for a while and if the first time the buffer isn't enough and len gets incremented (no matter how much) then the next call to vnsprintf crashes.
> that seems to happen only with 64 bits and i would blame Ubuntu for it :)
> see http://test.winehq.org/data/12b24af8d7bbb515c4cc678eef45c396487816a4/wine_ah-ub1004-64-nv-64/msxml3:domdoc.html
>
> so bumping the buffer length to 64 is enough to not trigger that case with our testsuite
> ---
> dlls/msxml3/main.c | 2 +-
> 1 files changed, 1 insertions(+), 1 deletions(-)
>
> diff --git a/dlls/msxml3/main.c b/dlls/msxml3/main.c
> index 01eabab..d3fda99 100644
> --- a/dlls/msxml3/main.c
> +++ b/dlls/msxml3/main.c
> @@ -63,7 +63,7 @@ HINSTANCE MSXML_hInstance = NULL;
> void wineXmlCallbackLog(char const* caller, xmlErrorLevel lvl, char const* msg, va_list ap)
> {
> char* buf = NULL;
> - int len = 32, needed;
> + int len = 64, needed;
> enum __wine_debug_class dbcl = __WINE_DBCL_ERR;
> switch (lvl)
> {
I feel like you need to figure out why it crashes.
More information about the wine-devel
mailing list