Re: [PATCH v2 0/1] MR7925: gdi32: Limit source string length in logfont_AtoW (ASan).

Alexandre Julliard (@julliard) commented about dlls/gdi32/text.c:

static void logfont_AtoW( const LOGFONTA *fontA, LPLOGFONTW fontW ) { memcpy( fontW, fontA, sizeof(LOGFONTA) - LF_FACESIZE ); - MultiByteToWideChar( CP_ACP, 0, fontA->lfFaceName, -1, fontW->lfFaceName, - LF_FACESIZE ); + MultiByteToWideChar( CP_ACP, 0, fontA->lfFaceName, LF_FACESIZE - 1, + fontW->lfFaceName, LF_FACESIZE - 1 ); This would convert potentially uninitialized data.

-- https://gitlab.winehq.org/wine/wine/-/merge_requests/7925#note_102172