odbccp32: Implement SQLGetPrivateProfileStringW/SQLGetPrivateProfileString

Mon Jul 20 06:12:29 CDT 2015

On 20.07.2015 12:53, Alistair Leslie-Hughes wrote:
> +        else
> +        {
> +            WCHAR name[MAX_PATH];
> +            DWORD index = 0;
> +            DWORD namelen;
> +
> +            usedefault = FALSE;
> +
> +            memset(buff, 0, buff_len);
> +            namelen = sizeof(name);
> +            while (RegEnumValueW(sectionkey, index, name, &namelen, NULL, NULL, NULL, NULL ) == ERROR_SUCCESS)
> +            {
> +                lstrcpyW(buff+ret, name);
> +                ret += namelen+1;
> +                namelen = sizeof(name);
> +                index++;
> +            }
> +        }

In this new case you unconditionally write to 'buff' without checking if 
you already exceeded 'buff_len'. Also memset of whole buffer looks 
suspicious and I don't see anything in tests that proves it.