http://bugs.winehq.org/show_bug.cgi?id=6560
rob(a)codeweavers.com changed:
What                      |Removed                     |Added
----------------------------------------------------------------------------
Attachment #4074 mime type|application/octet-stream    |text/plain
--
Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
http://bugs.winehq.org/show_bug.cgi?id=6560
rob(a)codeweavers.com changed:
What                      |Removed                     |Added
----------------------------------------------------------------------------
Attachment #4073 mime type|application/octet-stream    |text/plain
--
http://bugs.winehq.org/show_bug.cgi?id=6677
Summary: Buffer overflows in the msvcrt *printf family
Product: Wine
Version: CVS
Platform: All
OS/Version: All
Status: UNCONFIRMED
Severity: normal
Priority: P2
Component: wine-msvcrt
AssignedTo: wine-bugs(a)winehq.org
ReportedBy: samuel.howard.dennis(a)gmail.com
Numeric formats used with a large specified precision or very large floats will
cause buffer overflows in msvcrt.*printf.
There are safeguards of sorts in pf_vsnprintf but they only check the field
width, which is not even relevant for one of the two cases as the 64-bit integer
code uses the (safe) pf_fill function to expand the number. (Checking
flags.Precision here instead of flags.FieldWidth when deciding whether to
dynamically allocate memory for the representation of the number before padding
and changing the behaviour of pf_integer_conv, which is also unsafe, would
eliminate this buffer overflow.)
The other case is more complicated, as a formatting string is reconstructed and
sent to the system sprintf. The 40 character buffer allocated (unless a larger
minimum field width is specified) can easily be overrun with a large floating
point value converted with the 'f' specifier, for example, or again any value if
the precision given is large. More advanced calculations or use of snprintf is
required.
Additionally, when extra memory is allocated, pf_vsnprintf uses the pointer to
the static buffer instead of the dynamically allocated one in the HeapFree call.
--
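Added example, not part of the original report and not Wine's code: the sizing approach the report on bug 6677 calls for, written in portable C. The names needed_len and format_double are hypothetical, and malloc/free stand in for the HeapAlloc/HeapFree pair the report mentions; the length is measured from the value and precision, the 40-byte buffer is used only when the result fits, and only the heap pointer is ever freed.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define STATIC_BUF 40   /* same size as the fixed buffer the report describes */

/* Bytes (excluding the NUL) that "%.<prec>f" needs for v. Calling snprintf
 * with a NULL buffer and size 0 only measures (C99). */
static int needed_len(double v, int prec)
{
    return snprintf(NULL, 0, "%.*f", prec, v);
}

/* Format v and copy the result into out (capacity out_cap, truncating).
 * Returns the full untruncated length, or -1 on error. */
static int format_double(double v, int prec, char *out, size_t out_cap)
{
    char fixed[STATIC_BUF];
    char *heap = NULL, *buf = fixed;
    size_t cap = sizeof(fixed);
    int len = needed_len(v, prec);

    if (len < 0)
        return -1;
    if ((size_t)len + 1 > cap) {          /* size from the result, not the field width */
        cap = (size_t)len + 1;
        heap = malloc(cap);
        if (!heap)
            return -1;
        buf = heap;
    }
    snprintf(buf, cap, "%.*f", prec, v);  /* bounded by the real capacity */
    if (out_cap > 0)
        snprintf(out, out_cap, "%s", buf);
    free(heap);   /* the heap pointer (NULL when unused), never `fixed` */
    return len;
}

int main(void)
{
    char out[512];   /* constructed sample inputs below */
    printf("1e300 with %%f needs %d bytes\n", needed_len(1e300, 6));
    printf("1.5 with precision 100 needs %d bytes\n", needed_len(1.5, 100));
    printf("returned %d, wrote %zu bytes: %s\n",
           format_double(3.25, 2, out, sizeof out), strlen(out), out);
    return 0;
}
```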
http://bugs.winehq.org/show_bug.cgi?id=6665
vitaliy(a)kievinfo.com changed:
What  |Removed  |Added
----------------------------------------------------------------------------
Status|RESOLVED |CLOSED
------- Additional Comments From vitaliy(a)kievinfo.com 2006-13-11 09:33 -------
Read the actual bug, not its summary. It does talk about NtAllocateVirtualMemory
not working on another process.
BTW, modifying another process's memory is implemented in Wine.
--
http://bugs.winehq.org/show_bug.cgi?id=4863
------- Additional Comments From gvachon(a)tc2l.ca 2006-13-11 09:17 -------
How do you apply the patch?! Because I have that same problem under wine 0.9.24
Thanks!
--
http://bugs.winehq.org/show_bug.cgi?id=2819
------- Additional Comments From alex(a)reid.ru 2006-13-11 08:00 -------
When a Wine application runs in non-managed mode or in the Wine desktop,
it has keyboard focus only when the mouse cursor is on the application's window.
--
http://bugs.winehq.org/show_bug.cgi?id=6665
------- Additional Comments From admin(a)dproject.org.ua 2006-13-11 07:55 -------
Sorry, but how do problems with Blizzard games bear on my problem? I am talking about
ALL programs that change the memory of other running programs. In Wine that is
impossible. Maybe you are doing this for defense from Windows viruses that also change
memory. If this is true, maybe there is some patch that can turn this off?
--
http://bugs.winehq.org/show_bug.cgi?id=6675
------- Additional Comments From damjan.jov(a)gmail.com 2006-13-11 07:52 -------
Try a log with +bitblt,+bitmap,+x11drv.
I'll have to add some debugging code, since the demo is far too big for me to
try myself.
--