Module: wine Branch: master Commit: 7ba9dea9996e9312c7116a28ed7a3a432556fa98 URL: https://gitlab.winehq.org/wine/wine/-/commit/7ba9dea9996e9312c7116a28ed7a3a4...
Author: Jinoh Kang jinoh.kang.kr@gmail.com Date: Sat Jan 6 22:13:17 2024 +0900
ntdll/tests: Fix incorrect calculation of context length in test_copy_context().
`(BYTE *)dst_ex - (BYTE *)dst` is the size of the legacy context, but `dst_ex->All` already contains the legacy context. Therefore, `context_length` has the legacy context size added *twice*.
This becomes a problem when `context_length` exceeds `sizeof(src_context_buffer)`. This confuses `check_changes_in_range()`, causing out-of-bounds read and unpredictable test results.
---
dlls/ntdll/tests/exception.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/dlls/ntdll/tests/exception.c b/dlls/ntdll/tests/exception.c index 79a65dadab9..9f6bfbd2008 100644 --- a/dlls/ntdll/tests/exception.c +++ b/dlls/ntdll/tests/exception.c @@ -11952,7 +11952,7 @@ static void test_copy_context(void) *(DWORD *)((BYTE *)dst + flags_offset) = 0; *(DWORD *)((BYTE *)src + flags_offset) = 0;
- context_length = (BYTE *)dst_ex - (BYTE *)dst + dst_ex->All.Length; + context_length = dst_ex->All.Length;
if (flags & 0x40) {
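Review bot: The replacement line `context_length = dst_ex->All.Length;` is correct only on the premise stated in the commit message, that `All.Length` already spans the legacy context plus the extended part, so subtracting-out the `(BYTE *)dst_ex - (BYTE *)dst` term fixes the double count; what the hunk still lacks is any guard against the same overrun recurring. Since an oversized `context_length` sends `check_changes_in_range()` reading past `src_context_buffer`, consider adding an explicit check such as `context_length <= sizeof(src_context_buffer)` (failing the test, or bailing out of the iteration, when it does not hold) right after this assignment and before the `if (flags & 0x40)` branch, so a future miscalculation shows up as a visible test failure rather than unpredictable results from an out-of-bounds read.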