[PATCH] msi: Fix a buffer overrun.
Zebediah Figura
z.figura12 at gmail.com
Thu Jun 29 00:09:50 CDT 2017
Fixes https://bugs.winehq.org/show_bug.cgi?id=43257
Signed-off-by: Zebediah Figura <z.figura12 at gmail.com>
---
dlls/msi/package.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/dlls/msi/package.c b/dlls/msi/package.c
index bf6ae10..3a75a1c 100644
--- a/dlls/msi/package.c
+++ b/dlls/msi/package.c
@@ -1812,17 +1812,17 @@ INT MSI_ProcessMessage( MSIPACKAGE *package, INSTALLMESSAGE eMessageType, MSIREC
{
WCHAR template_s[1024];
WCHAR *template_rec, *template;
- DWORD length;
LoadStringW(msi_hInstance, IDS_INFO, template_s, 1024);
- res = MSI_RecordGetStringW(record, 0, NULL, &length);
+ res = MSI_RecordGetStringW(record, 0, NULL, &len);
if (res != ERROR_SUCCESS && res != ERROR_MORE_DATA)
return res;
len++;
template_rec = msi_alloc(len * sizeof(WCHAR));
if (!template_rec) return ERROR_OUTOFMEMORY;
- MSI_RecordGetStringW(record, 0, template_rec, &length);
+ MSI_RecordGetStringW(record, 0, template_rec, &len);
+ len++;
template = msi_alloc((len + strlenW(template_s)) * sizeof(WCHAR));
if (!template) return ERROR_OUTOFMEMORY;
--
2.7.4
More information about the wine-patches
mailing list