[PATCH 03/17] shell32/autocomplete: Handle heap_alloc failure and avoid a potential buffer overflow

Gabriel Ivăncescu gabrielopcode at gmail.com
Thu Sep 6 10:43:34 CDT 2018


On Thu, Sep 6, 2018 at 6:28 PM, Huw Davies <huw.davies at physics.ox.ac.uk> wrote:
>
> I suggest we do the sprintf ourselves.  All we'd need to do
> is replace the first occurrence of '%s' with the appropriate
> string.  We can ignore width/precision specifiers for now
> unless we find that an app actually depends on them.
>

You mean you want the code itself to replace the %s with the string
without using sprintf? But then %12s wouldn't work, though I don't
think it's really useful... but if you're really fine with that I'll
go and do it.

This way we won't need patch 4/17 either (which guards against
multiple such args, e.g. two %s would use some string off the stack
which can lead to a crash or vulnerability) since the rest will simply
be displayed as %s.
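
The replacement suggested in the quoted text, sketched as an added example (not code from this thread or from Wine): only the first `%s` is substituted, everything else in the format is copied literally, and allocation failure is reported to the caller. The function name `expand_first_pct_s` and the use of plain `char` strings are assumptions.

```c
#include <stdlib.h>
#include <string.h>

/* Hypothetical helper: returns a newly allocated copy of fmt in which only
 * the first "%s" is replaced by arg. Every other byte, including a second
 * "%s", "%12s" or "%n", is copied literally, so no printf-family function
 * ever interprets the untrusted format and nothing is read off the stack.
 * "%%" is not treated as an escape in this sketch.
 * Returns NULL on allocation failure or size overflow; caller frees. */
char *expand_first_pct_s(const char *fmt, const char *arg)
{
    const char *hit = strstr(fmt, "%s");
    size_t fmt_len = strlen(fmt);
    size_t arg_len = strlen(arg);
    size_t prefix, out_len;
    char *out;

    if (!hit) {
        /* No placeholder: hand back a plain copy of the format. */
        out = malloc(fmt_len + 1);
        if (out)
            memcpy(out, fmt, fmt_len + 1);
        return out;
    }

    /* Result is fmt minus the 2-byte "%s" plus arg; reject wraparound
     * before sizing the buffer. */
    if (arg_len > (size_t)-1 - fmt_len)
        return NULL;
    out_len = fmt_len - 2 + arg_len;

    out = malloc(out_len + 1);
    if (!out)
        return NULL;

    prefix = (size_t)(hit - fmt);
    memcpy(out, fmt, prefix);                 /* text before "%s" */
    memcpy(out + prefix, arg, arg_len);       /* the substituted string */
    /* Tail after "%s", including its terminating NUL. */
    memcpy(out + prefix + arg_len, hit + 2, fmt_len - prefix - 2 + 1);
    return out;
}
```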


