8 May 2008, 9:31 a.m.
"Maarten Lankhorst" <m.b.lankhorst(a)gmail.com> writes:
@@ -1970,7 +1970,7 @@ NTSTATUS WINAPI RtlIntegerToUnicodeString( } while (value != 0L);
str->Length = (&buffer[32] - pos) * sizeof(WCHAR); - if (str->Length >= str->MaximumLength) { + if (str->Length + sizeof(WCHAR) >= str->MaximumLength) { return STATUS_BUFFER_OVERFLOW; } else { memcpy(str->Buffer, pos, str->Length + sizeof(WCHAR));
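Review bot: The new condition uses `>=`, so it also returns STATUS_BUFFER_OVERFLOW when `str->Length + sizeof(WCHAR)` is exactly equal to `str->MaximumLength`, a case where the `memcpy` of `str->Length + sizeof(WCHAR)` bytes fits the buffer exactly. If the intent is to guard that copy, the bound would be `str->Length + sizeof(WCHAR) > str->MaximumLength`. Since `str->Length` is always a multiple of `sizeof(WCHAR)` here, the old check already keeps the copy in bounds whenever `MaximumLength` is also a multiple of `sizeof(WCHAR)`, so the patch should state which `MaximumLength` values it is meant to cover and come with a test for them.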
There's no overflow here. The Windows implementation of RtlIntegerToUnicodeString seems badly confused but I don't think we need to replicate those bugs.

--
Alexandre Julliard
julliard(a)winehq.org