https://bugs.winehq.org/show_bug.cgi?id=46481
Bug ID: 46481 Summary: strftime has a buffer overflow Product: Wine Version: 3.19 Hardware: x86 OS: Linux Status: UNCONFIRMED Severity: normal Priority: P2 Component: msvcrt Assignee: wine-bugs@winehq.org Reporter: m101010a@gmail.com Distribution: ArchLinux
Created attachment 63309 --> https://bugs.winehq.org/attachment.cgi?id=63309 test-program
Steps: 1. Compile the attached program with mingw 2. Run the resulting executable
Expected outcome: The program prints a number less than 2
Actual outcome: The program prints 21 (I am in Eastern Standard Time)
This happens with both 32-bit and 64-bit executables. If the buffer size is decreased enough, this can smash the stack.
https://bugs.winehq.org/show_bug.cgi?id=46481
Fabian Maurer dark.shadow4@web.de changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |dark.shadow4@web.de Status|UNCONFIRMED |NEW Ever confirmed|0 |1
--- Comment #1 from Fabian Maurer dark.shadow4@web.de --- Confirming. The function is missing a check for the buffer size.
https://bugs.winehq.org/show_bug.cgi?id=46481
--- Comment #2 from Mathew Hodson mathew.hodson@gmail.com --- https://source.winehq.org/git/wine.git/commitdiff/79188582f067b16e3aaebfad4a...
https://bugs.winehq.org/show_bug.cgi?id=46481
Fabian Maurer dark.shadow4@web.de changed:
What |Removed |Added ---------------------------------------------------------------------------- Resolution|--- |FIXED Status|NEW |RESOLVED Fixed by SHA1| |79188582f067b16e3aaebfad4a8 | |53d84f3a310cc
--- Comment #3 from Fabian Maurer dark.shadow4@web.de --- Marking fixed as of 79188582f067b16e3aaebfad4a853d84f3a310cc.
https://bugs.winehq.org/show_bug.cgi?id=46481
Alexandre Julliard julliard@winehq.org changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |CLOSED
--- Comment #4 from Alexandre Julliard julliard@winehq.org --- Closing bugs fixed in 4.3.
https://bugs.winehq.org/show_bug.cgi?id=46481
Michael Stefaniuc mstefani@winehq.org changed:
What |Removed |Added ---------------------------------------------------------------------------- Target Milestone|--- |4.0.x
https://bugs.winehq.org/show_bug.cgi?id=46481
Michael Stefaniuc mstefani@winehq.org changed:
What |Removed |Added ---------------------------------------------------------------------------- Target Milestone|4.0.x |---
--- Comment #5 from Michael Stefaniuc mstefani@winehq.org --- Removing the 4.0.x milestone from bug fixes included in 4.0.1.
-
wine-bugs@winehq.org