Re: [PATCH v4 0/2] MR7539: combase : clsid_from_string_reg() add read of CurVer key value.

Nikolay Sivov (@nsivov) commented about dlls/combase/combase.c:

if (open_classes_key(HKEY_CLASSES_ROOT, buf, MAXIMUM_ALLOWED, &xhkey)) { - free(buf); - WARN("couldn't open key for ProgID %s\n", debugstr_w(progid)); - return CO_E_CLASSSTRING; + lstrcpyW(buf, progid); + lstrcatW(buf, L"\\CurVer"); + if (RegQueryValueW(HKEY_CLASSES_ROOT, buf, buf3, &buf3len)) + { + free(buf); + WARN("couldn't query CurVer value for ProgID %s\n", debugstr_w(progid)); + return CO_E_CLASSSTRING; + } + + lstrcpyW(buf, buf3); + lstrcatW(buf, L"\\CLSID");

Size of 'buf' has no relation to size of 'buf3', so you can't assume you can copy things and not overrun it. -- https://gitlab.winehq.org/wine/wine/-/merge_requests/7539#note_115152