On Fri, Apr 20, 2018 at 08:46:23AM +0100, Huw Davies wrote:
On Fri, Apr 20, 2018 at 08:18:19AM +0100, Owen Rudge wrote:
Signed-off-by: Owen Rudge <orudge(a)codeweavers.com> +static HRESULT build_types_list(LPWSTR buffer, size_t buffer_size, const WSD_NAME_LIST *list, struct list *namespaces) +{ + WCHAR format_string[] = { '%', 's', ':', '%', 's', ' ', 0 }; + LPWSTR current_buf_pos = buffer; + size_t memory_needed = 0; + const WSD_NAME_LIST *cur = list; + + ZeroMemory(buffer, buffer_size); + + while (cur != NULL) + { + /* Calculate space needed, including NULL character, colon and potential trailing space */ + memory_needed = sizeof(WCHAR) * (lstrlenW(cur->Element->LocalName) + + lstrlenW(cur->Element->Space->PreferredPrefix) + 3); + + if (current_buf_pos + memory_needed > buffer + buffer_size) + return E_INVALIDARG; + + current_buf_pos += wsprintfW(current_buf_pos, format_string, cur->Element->Space->PreferredPrefix, + cur->Element->LocalName); + + /* Record the namespace in the discovered namespaces list */ + if (!add_discovered_namespace(namespaces, cur->Element->Space)) + return E_FAIL; + + cur = cur->Next; + } + + /* Remove the last trailing space */ + current_buf_pos--; + *current_buf_pos = 0;
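Review bot: The bounds check in the while loop mixes bytes and WCHAR elements. memory_needed is computed in bytes (sizeof(WCHAR) * ...) but is added to current_buf_pos, which is an LPWSTR, so the pointer arithmetic scales it by sizeof(WCHAR) a second time. buffer_size is likewise a byte count in ZeroMemory(buffer, buffer_size) and an element count in buffer + buffer_size. If callers pass bytes, the limit being compared against lies past the real end of the buffer and the check can pass when fewer WCHARs remain than wsprintfW is about to write. If they pass elements, only half the buffer is zeroed. Suggest documenting the unit of buffer_size, keeping every quantity in that unit, and comparing the needed length against the remaining space rather than comparing two computed pointers.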
Is it possible that list could be NULL so that the while loop is never executed? If so, then the above line would touch buffer[-1]. If list is never NULL consider rewriting the loop as a do-while.
And actually, thinking about it a bit more, it would most likely be cleaner to add the space at the beginning of the loop if (cur != list).

Huw.
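The separator-first loop suggested in the reply above, written out as an added example. It is not code from the patch or from Wine. It uses portable wchar_t calls instead of the Win32 API, and the names qname_node, append and join_qnames are hypothetical stand-ins.

```c
#include <stddef.h>
#include <wchar.h>

/* Hypothetical stand-in for the patch's WSD_NAME_LIST: prefix/local-name pairs. */
struct qname_node {
    const wchar_t *prefix;
    const wchar_t *local;
    const struct qname_node *next;
};

/* Appends n characters at buf[*used] and keeps the string terminated. */
static void append(wchar_t *buf, size_t *used, const wchar_t *s, size_t n)
{
    wmemcpy(buf + *used, s, n);
    *used += n;
    buf[*used] = L'\0';
}

/* Writes "prefix:local" entries separated by single spaces into buf.
 * cap is the capacity of buf in wchar_t elements, not bytes.
 * Returns 0 on success, -1 if buf is unusable or too small. */
int join_qnames(wchar_t *buf, size_t cap, const struct qname_node *list)
{
    const struct qname_node *cur;
    size_t used = 0;

    if (buf == NULL || cap == 0)
        return -1;
    buf[0] = L'\0';                 /* an empty list yields an empty string */

    for (cur = list; cur != NULL; cur = cur->next) {
        size_t plen = wcslen(cur->prefix), llen = wcslen(cur->local);
        size_t sep = (cur != list) ? 1 : 0;   /* space before every entry but the first */
        size_t need = sep + plen + 1 + llen;  /* characters written, terminator excluded */

        /* used < cap always holds here, so cap - used cannot wrap */
        if (need >= cap - used)
            return -1;

        if (sep)
            append(buf, &used, L" ", 1);
        append(buf, &used, cur->prefix, plen);
        append(buf, &used, L":", 1);
        append(buf, &used, cur->local, llen);
    }
    return 0;
}
```

Because the separator is written before an entry rather than after it, there is no trailing space to strip and nothing is written before the start of the buffer when the list is empty.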