No subject


Tue Aug 30 15:12:41 CDT 2005 

(necessarilly) Wine.  

What is happening is that a WM_GETTEXT message on the memo field is passing 
the wrong buffer length (too big).  What Wine is doing (apparently 
differently than Windows does) is "guaranteeing" that the returned string is 
null terminated by "blindly" setting the last byte of the buffer to zero 
(function EDIT_WM_GetText in controls/edit.c).  In this particular case, this 
last byte of memory happens to be the first byte of the category, turning IT 
into a null string!

I am assuming that NOT setting this last byte had caused a problem for some 
other program in the past, so I didn't want to remove the logic.  Instead, I 
changed it to set the byte conditional on the length of the string that is 
going to be returned:  If the length is bigger than passed, terminate it.

The attached patch makes this change.

(This bug doesn't manifest itself on Windows probably because the memo input 
field has a maximum input length set, so Windows never really changes any 
bytes past the true end of the buffer, even though the length sent to 
WM_GETTEXT is too big...)

HTH,

Carl

P.S.  I'm no C guru, so if there's a better way to do this, please let me know 
and I'll change it and re-submit the patch.

--------------Boundary-00=_705UBPC0YSTA7N49UKEE
Content-Type: text/x-diff;
  charset="us-ascii";
  name="EDIT_WM_GetText_conditional_termination.patch"
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment; filename="EDIT_WM_GetText_conditional_termination.patch"

Index: controls/edit.c
===================================================================
RCS file: /home/wine/wine/controls/edit.c,v
retrieving revision 1.95
diff -u -r1.95 edit.c
--- controls/edit.c	13 Jun 2002 19:20:43 -0000	1.95
+++ controls/edit.c	14 Aug 2002 12:54:32 -0000
@@ -3963,14 +3963,14 @@
     {
 	LPWSTR textW = (LPWSTR)lParam;
 	strncpyW(textW, es->text, count);
-	textW[count - 1] = 0; /* ensure 0 termination */
+	if (strlenW(textW) >= count) textW[count - 1] = 0; /* force 0 termination */
 	return strlenW(textW);
     }
     else
     {
 	LPSTR textA = (LPSTR)lParam;
 	WideCharToMultiByte(CP_ACP, 0, es->text, -1, textA, count, NULL, NULL);
-	textA[count - 1] = 0; /* ensure 0 termination */
+	if (strlen(textA) >= count) textA[count - 1] = 0; /* force 0 termination */
 	return strlen(textA);
     }
 }

--------------Boundary-00=_705UBPC0YSTA7N49UKEE--

More information about the wine-patches mailing list