21 Feb
2008
21 Feb
'08
9:13 p.m.
Robert Shearman wrote:
This isn't correct. Judging by the surrounding code, this should be allocating a block of memory of This->pDesc->pbMemData and then passing pDesc->llMemLength into memcpy, possibly validating that pDesc->llMemLength isn't greater than UINT_MAX to avoid an overflow.
Yes. I realised later that there were two possibilites: pointer copying or memory copying, so I sent an email to Alexandre, since I didn't have my normal usenet access at the time. I was unable to figure out whether This->pDesc->pbMemData needs its own slice of memory or whether it can use that which comes with pDesc->pbMemData. I shall leave this one (and a similar one in dmcompos/chordmap.c) and sweep on with the easy fixes. Thanks, -- Andy.