[PATCH 3/5] msvcrt: Don't read past end of string in _strncoll/_wcsncoll.
Piotr Caban
piotr.caban at gmail.com
Thu Aug 16 06:21:00 CDT 2018
Hi Daniel,
On 08/15/18 23:49, Daniel Lehman wrote:
> @@ -666,7 +668,11 @@ int CDECL MSVCRT__strncoll_l( const char* str1, const char* str2, MSVCRT_size_t
>
> if(!locinfo->lc_handle[MSVCRT_LC_COLLATE])
> return strncmp(str1, str2, count);
> - return CompareStringA(locinfo->lc_handle[MSVCRT_LC_COLLATE], 0, str1, count, str2, count)-CSTR_EQUAL;
> +
> + len1 = strlen(str1);
> + len2 = strlen(str2);
> + return CompareStringA(locinfo->lc_handle[MSVCRT_LC_COLLATE], 0,
> + str1, min(count, len1), str2, min(count, len2))-CSTR_EQUAL;
A quick testing shows that we can __crtCompareString function here (it
will need to be fixed in similar way). You will also need to use strnlen
instead of strlen - the string is not guaranteed to be NULL terminated.
Thanks,
Piotr
More information about the wine-devel
mailing list