From: Alex Henrie <alexhenrie24@gmail.com>

The length of the exported function name is the first byte in the name table entry. Since the length field is one byte, the maximum name length is 255 bytes, plus one byte for the null terminator. Instead of using a 200-byte name buffer (which might be too small) and then doing the equivalent of strdup, allocate the buffer on the heap to begin with.
---
 dlls/krnl386.exe16/snoop.c | 16 ++++++----------
 1 file changed, 6 insertions(+), 10 deletions(-)

diff --git a/dlls/krnl386.exe16/snoop.c b/dlls/krnl386.exe16/snoop.c
index 15e61be0562..aba442ef351 100644
--- a/dlls/krnl386.exe16/snoop.c
+++ b/dlls/krnl386.exe16/snoop.c
@@ -123,7 +123,6 @@ SNOOP16_GetProcAddress16(HMODULE16 hmod,DWORD ordinal,FARPROC16 origfun) {
 	SNOOP16_FUN	*fun;
 	NE_MODULE	*pModule = NE_GetPtr(hmod);
 	unsigned char	*cpnt;
-	char		name[200];
 
 	if (!TRACE_ON(snoop) || !pModule || !HIWORD(origfun))
 		return origfun;
@@ -149,7 +148,8 @@ SNOOP16_GetProcAddress16(HMODULE16 hmod,DWORD ordinal,FARPROC16 origfun) {
 		while (*cpnt) {
 			cpnt += *cpnt + 1 + sizeof(WORD);
 			if (*(WORD*)(cpnt+*cpnt+1) == ordinal) {
-				sprintf(name,"%.*s",*cpnt,cpnt+1);
+				fun->name = HeapAlloc(GetProcessHeap(), 0, *cpnt + 1);
+				sprintf(fun->name, "%.*s", *cpnt, cpnt + 1);
 				break;
 			}
 		}
@@ -160,17 +160,13 @@ SNOOP16_GetProcAddress16(HMODULE16 hmod,DWORD ordinal,FARPROC16 origfun) {
 		while (*cpnt) {
 			cpnt += *cpnt + 1 + sizeof(WORD);
 			if (*(WORD*)(cpnt+*cpnt+1) == ordinal) {
-				sprintf(name,"%.*s",*cpnt,cpnt+1);
-				break;
+				fun->name = HeapAlloc(GetProcessHeap(), 0, *cpnt + 1);
+				sprintf(fun->name, "%.*s", *cpnt, cpnt + 1);
+				break;
 			}
 		}
 	}
-	if (*cpnt)
-	{
-		fun->name = HeapAlloc(GetProcessHeap(),0,strlen(name)+1);
-		strcpy( fun->name, name );
-	}
-	else
+	if (!fun->name)
 		fun->name = HeapAlloc(GetProcessHeap(),HEAP_ZERO_MEMORY,1); /* empty string */
 	if (!SNOOP16_ShowDebugmsgSnoop(dll->name, ordinal, fun->name))
--
GitLab
https://gitlab.winehq.org/wine/wine/-/merge_requests/11048
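Review bot: The new `HeapAlloc` result in the second hunk (`@@ -149,7 +148,8 @@`) is passed straight to `sprintf` without a NULL check, so an allocation failure becomes a NULL write instead of the empty-name fallback the function already has; the same pattern appears in the third hunk. The old code had the same gap on its `strlen(name)+1` allocation, but the commit now makes the allocation the only path to a name, so the guard is worth adding: `if (fun->name) sprintf(fun->name, "%.*s", *cpnt, cpnt + 1);` in both hunks, which lets the later `if (!fun->name)` fallback cover the failure case. The size is bounded because `*cpnt` is an `unsigned char`, so `*cpnt + 1` is at most 256 and cannot overflow, which matches the commit description. The enclosing `SNOOP16_GetProcAddress16` body starts and ends outside these hunks.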
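Review bot: The replacement `if (!fun->name)` at the end of the third hunk (`@@ -160,17 +160,13 @@`) now depends on `fun->name` being NULL whenever neither lookup loop matched, whereas the removed `if (*cpnt)` tested the loop's own exit state; if the `SNOOP16_FUN` entry is not zero-initialized, or is reused, a stale pointer would skip the empty-string fallback and the name would never be reallocated. That initialization happens before the hunk, so it cannot be confirmed here; if it is guaranteed by the allocation of the function table, a one-line comment above the check such as `/* fun->name is NULL unless one of the name-table lookups above matched */` would make the invariant explicit, otherwise `fun->name = NULL;` before the first lookup loop would restore the old semantics. The enclosing function continues outside the hunk in both directions.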