dbghelp: Fix read beyond end of field in module_get_debug.
Robert Shearman
rob at codeweavers.com
Thu Feb 21 10:44:24 CST 2008
pair->effective->module is of type IMAGEHLP_MODULEW64 and the ImageName
field is 256 WCHARs long. However, idslW64 is of type
IMAGEHLP_DEFERRED_SYMBOL_LOADW64 and the FileName field is MAX_PATH + 1
(261) WCHARs long.
Therefore, it could read beyond the end of the ImageName field in the
memcpy call. Although benign in this case, it isn't good form, so the
size passed to the memcpy call is changed to use the smaller of the two
fields.
---
dlls/dbghelp/module.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 41f1aeb6dc6316668ce9ef6bf2154539f1e55e6e.diff
Type: text/x-patch
Size: 631 bytes
Desc: not available
Url : http://www.winehq.org/pipermail/wine-patches/attachments/20080221/39f08e6b/attachment.bin
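
Added example, not part of the original message or of Wine's code: a minimal C sketch of the size mismatch described above and of a copy bounded by the smaller field. The `ex_*` types and function names are hypothetical stand-ins; only the field lengths (256 and MAX_PATH + 1 = 261 WCHARs) come from the message.

```c
#include <stdio.h>
#include <string.h>

typedef unsigned short ex_wchar;          /* 16-bit stand-in for WCHAR */
#define EX_MAX_PATH 260

/* Stand-in structs: only the two field lengths come from the message. */
struct ex_module   { ex_wchar ImageName[256]; unsigned guard; };
struct ex_deferred { ex_wchar FileName[EX_MAX_PATH + 1]; };

#define SRC_BYTES sizeof(((struct ex_module *)0)->ImageName)
#define DST_BYTES sizeof(((struct ex_deferred *)0)->FileName)

/* Bytes a memcpy sized by the destination would read past the source field. */
static size_t overread_bytes(void)
{
    return DST_BYTES > SRC_BYTES ? DST_BYTES - SRC_BYTES : 0;
}

/* Copy bounded by the smaller field. Zeroing the destination first is an
 * addition here so the result stays NUL-terminated for a full source. */
static size_t copy_image_name(struct ex_deferred *dst, const struct ex_module *src)
{
    size_t n = SRC_BYTES < DST_BYTES ? SRC_BYTES : DST_BYTES;
    memset(dst->FileName, 0, sizeof(dst->FileName));
    memcpy(dst->FileName, src->ImageName, n);
    return n;
}

/* Constructed input: a source field filled completely, with no terminator. */
static void fill_full_name(struct ex_module *m)
{
    size_t i;
    for (i = 0; i < 256; i++) m->ImageName[i] = 'A';
    m->guard = 0x5a5a5a5a;   /* neighbouring data the over-read would touch */
}

int main(void)
{
    struct ex_module m;
    struct ex_deferred d;
    fill_full_name(&m);
    printf("copied %zu bytes, avoided over-read of %zu bytes\n",
           copy_image_name(&d, &m), overread_bytes());
    return 0;
}
```

Sizing the copy with `sizeof` on both fields keeps the bound correct if either declaration changes later.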