[PATCH v2 0/1] MR2818: quartz: Avoid reading past the end of a buffer (Valgrind).
-- v2: quartz: Avoid reading past the end of a buffer (Valgrind). https://gitlab.winehq.org/wine/wine/-/merge_requests/2818
From: Rémi Bernon <rbernon(a)codeweavers.com> --- dlls/quartz/filtermapper.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dlls/quartz/filtermapper.c b/dlls/quartz/filtermapper.c index 149bc8d1716..dd7c6c41872 100644 --- a/dlls/quartz/filtermapper.c +++ b/dlls/quartz/filtermapper.c @@ -425,7 +425,7 @@ static int add_data(struct Vector *v, const void *pData, int size) static int find_data(const struct Vector *v, const void *pData, int size) { int index; - for (index = 0; index < v->current; index++) + for (index = 0; index + size <= v->current; index++) if (!memcmp(v->pData + index, pData, size)) return index; /* not found */ -- GitLab https://gitlab.winehq.org/wine/wine/-/merge_requests/2818
On Tue May 16 12:15:39 2023 +0000, Zebediah Figura wrote:
We should only be able to overread in device_matches_id() if the string wasn't properly double-null-terminated. When can that happen? It's coming from a SetupDiSetDeviceRegistryPropertyW call in dinput tests with a short buffer, I'll fix it instead.
-- https://gitlab.winehq.org/wine/wine/-/merge_requests/2818#note_32879
This merge request was approved by Zebediah Figura. -- https://gitlab.winehq.org/wine/wine/-/merge_requests/2818
participants (2)
-
Rémi Bernon -
Zebediah Figura (@zfigura)