msvcrt: Fix int overflow for large arrays in quick_sort function

Frédéric Delanoy frederic.delanoy at gmail.com
Mon May 26 04:28:43 CDT 2014


Potential overflow if array size > INT_MAX/2
---
 dlls/msvcrt/misc.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/dlls/msvcrt/misc.c b/dlls/msvcrt/misc.c
index 36d0608..a75b500 100644
--- a/dlls/msvcrt/misc.c
+++ b/dlls/msvcrt/misc.c
@@ -281,7 +281,7 @@ static void quick_sort(void *base, MSVCRT_size_t nmemb, MSVCRT_size_t size,
 
         lo = beg;
         hi = end;
-        med = (hi+lo+1)/2;
+        med = lo + (hi-lo+1)/2;
         if(compar(context, X(lo), X(med)) > 0)
             swap(X(lo), X(med), size);
         if(compar(context, X(lo), X(hi)) > 0)
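
Review bot: On the changed line "med = lo + (hi-lo+1)/2;", the fix only holds as far as the index variables can represent the element count, and their declarations are outside this hunk. The signature takes "MSVCRT_size_t nmemb" while the subject describes an int overflow; if lo, hi, med, beg and end are int, then "lo = beg; hi = end;" still cannot hold indices above INT_MAX, and hi-lo+1 itself wraps when lo is 0 and hi is INT_MAX. Consider declaring these indices as MSVCRT_size_t, or documenting the supported nmemb range next to the function. A one-line comment that the +1 deliberately keeps the same upper-median rounding as the old (hi+lo+1)/2 would also stop a later cleanup from simplifying it to lo + (hi-lo)/2 and changing the pivot choice.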
-- 
1.9.3



