Thank you very much for commenting on this patch.

2014-10-20 0:06 GMT+08:00 Nikolay Sivov <bunglehead@gmail.com>:
+�� �� str = SysAllocStringLen(NULL, 1023);
+�� �� newstr = SysAllocStringLen(NULL, 1023);
Where this length comes from?
Well, I tested String on windows xp, and found that 1023 was the limit, when given a number bigger than that, the output kept the length of 1023.
+�� �� switch(V_VT(arg + 1)) {
+�� �� case VT_NULL:
+�� �� �� �� return MAKE_VBSERROR(VBSE_ILLEGAL_NULL_USE);
+�� �� case VT_BSTR:
+�� �� �� �� str = V_BSTR(arg + 1);
+�� �� �� �� break;
+�� �� case�� VT_ARRAY|VT_BYREF|VT_VARIANT:
+�� �� �� �� return DISP_E_TYPEMISMATCH;
+�� �� default:
+�� �� �� �� hres = to_short(arg + 1, &tmp);
+�� �� �� �� if(FAILED(hres))
+�� �� �� �� �� �� return hres;
+�� �� �� �� str[0] = (char)tmp;
+�� �� �� �� break;
+�� �� }
You only need first character, right? Then why do you need a full BSTR pointer in VT_BSTR case? And assigning it
to 'str' you leak a previously allocated buffer.
So how do I get the first character of (arg + 1)?�� How about this: str[0] = * V_BSTR(arg + 1)
In fact I don't quite understand how SysAllocStringLen work, but I see it is used in the former function, so I think maybe it is necessary.
Why cast to (char)tmp?
I think the type of str[0] is WCHAR, and tmp is an integer, shouldn't we make a cast?��

+�� �� else if(len == 0)
+�� �� �� �� newstr = '\0';
Same way you're losing pointer to allocated buffer.