3 May 2025, 9:40 p.m.
If `KeUserModeCallback` fails, `ret_ptr` and `ret_len` might be left uninitialized. Since the returned status isn't checked in `dispatch_win_proc_params`, it can access uninitialized memory.

* * *

One way this could actually happen is if on x86_64 `KeUserModeCallback` returned `STATUS_STACK_OVERFLOW`.

-- https://gitlab.winehq.org/wine/wine/-/merge_requests/7960
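An added example, not code from Wine or from this merge request: a self-contained C model of the pattern described above, with the unchecked caller beside a hardened one. `mock_callback`, `dispatch_unchecked`, `dispatch_checked` and `stale_slot` are hypothetical names, and `stale_slot` is a constructed value standing in for leftover stack contents.

```c
#include <stdint.h>
#include <string.h>

typedef int32_t NTSTATUS;
#define STATUS_SUCCESS        ((NTSTATUS)0x00000000)
#define STATUS_STACK_OVERFLOW ((NTSTATUS)0xC00000FDu)

/* Constructed value standing in for leftover stack contents. */
static long stale_slot = 0x41414141;

/* Hypothetical stand-in for the callback: on failure it writes no outputs. */
static NTSTATUS mock_callback(int fail, void **ret_ptr, uint32_t *ret_len)
{
    static long result = 42;
    if (fail) return STATUS_STACK_OVERFLOW;
    *ret_ptr = &result;
    *ret_len = sizeof(result);
    return STATUS_SUCCESS;
}

/* Unchecked caller. Real code would leave the locals uninitialized (UB);
 * they are seeded with stale_slot so the effect is deterministic. */
long dispatch_unchecked(int fail)
{
    void *ret_ptr = &stale_slot;
    uint32_t ret_len = sizeof(long);
    long out = 0;
    mock_callback(fail, &ret_ptr, &ret_len);      /* status dropped */
    if (ret_len == sizeof(out)) memcpy(&out, ret_ptr, sizeof(out));
    return out;                                   /* stale data on failure */
}

/* Hardened caller: outputs initialized, status checked before any use. */
NTSTATUS dispatch_checked(int fail, long *out)
{
    void *ret_ptr = NULL;
    uint32_t ret_len = 0;
    NTSTATUS status = mock_callback(fail, &ret_ptr, &ret_len);
    *out = 0;
    if (status != STATUS_SUCCESS) return status;
    if (ret_ptr && ret_len == sizeof(*out)) memcpy(out, ret_ptr, sizeof(*out));
    return status;
}

int main(void)
{
    long out;
    return dispatch_unchecked(1) == stale_slot &&
           dispatch_checked(1, &out) != STATUS_SUCCESS ? 0 : 1;
}
```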