[PATCH] protect from 1 byte static buffer overflow
Marcus Meissner
marcus at jet.franken.de
Fri Mar 2 01:22:21 CST 2007
Hi,
spotted by Coverity ...
Can only happen if the Convert call fails.
Ciao, Marcus
---
dlls/mlang/tests/mlang.c | 7 +++++--
1 files changed, 5 insertions(+), 2 deletions(-)
diff --git a/dlls/mlang/tests/mlang.c b/dlls/mlang/tests/mlang.c
index 69e8c50..471f54a 100644
--- a/dlls/mlang/tests/mlang.c
+++ b/dlls/mlang/tests/mlang.c
@@ -86,8 +86,11 @@ static void test_multibyte_to_unicode_tr
ok(ret == S_OK, "IMultiLanguage2_ConvertStringToUnicode failed: %08x\n", ret);
ok(lenA == lstrlenA(stringA), "expected lenA %u, got %u\n", lstrlenA(stringA), lenA);
ok(lenW == lstrlenW(stringW), "expected lenW %u, got %u\n", lstrlenW(stringW), lenW);
- ok(bufW[lenW] != 0, "buf should not be 0 terminated\n");
- bufW[lenW] = 0; /* -1 doesn't include 0 terminator */
+ if (lenW < sizeof(bufW)/sizeof(bufW[0])) {
+ /* can only happen if the convert call fails */
+ ok(bufW[lenW] != 0, "buf should not be 0 terminated\n");
+ bufW[lenW] = 0; /* -1 doesn't include 0 terminator */
+ }
ok(!lstrcmpW(bufW, stringW), "bufW/stringW mismatch\n");
memset(bufW, 'x', sizeof(bufW));
--
1.4.3.4
More information about the wine-patches
mailing list