[PATCH 3/3] reg: Prevent buffer over-read when querying REG_NONE values with no data
Hugh McMaster
hugh.mcmaster at outlook.com
Thu May 6 07:47:55 CDT 2021
Signed-off-by: Hugh McMaster <hugh.mcmaster at outlook.com>
---
programs/reg/query.c | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/programs/reg/query.c b/programs/reg/query.c
index 7e42719faf9..4886fb84bc1 100644
--- a/programs/reg/query.c
+++ b/programs/reg/query.c
@@ -50,7 +50,15 @@ static WCHAR *reg_data_to_wchar(DWORD type, const BYTE *src, DWORD size_bytes)
WCHAR *ptr;
buffer = malloc((size_bytes * 2 + 1) * sizeof(WCHAR));
+
+ if (!size_bytes)
+ {
+ *buffer = 0;
+ break;
+ }
+
ptr = buffer;
+
for (i = 0; i < size_bytes; i++)
ptr += swprintf(ptr, 3, L"%02X", src[i]);
break;
--
2.31.1
More information about the wine-devel
mailing list