[PATCH v2 2/3] msvcrt: Verify format string to prevent buffer overrun
Piotr Caban
piotr.caban at gmail.com
Mon Jul 30 07:50:28 CDT 2018
On 07/29/18 23:25, janisozaur at gmail.com wrote:
> @@ -686,7 +686,7 @@ _FUNCTION_ {
> * use %%." */
> while ((nch!=_EOF_) && _ISSPACE_(nch))
> nch = _GETC_(file);
> - if ((_CHAR_)nch == *format) {
> + if (*format && (_CHAR_)nch == *format) {
> suppress = 1; /* whoops no field to be read */
> st = 1; /* but we got what we expected */
> nch = _GETC_(file);
Shouldn't this check be done before whitespaces are read?
Thanks,
Piotr
More information about the wine-devel
mailing list