On Sat, Sep 7, 2019 at 1:46 AM Alexandre Julliard julliard@winehq.org wrote:
Alex Henrie alexhenrie24@gmail.com writes:
I think that instead of making the buffer bigger, it would be better to add kernelbase to the IMPORTS line of dlls/advpack/tests/Makefile.in, include shlwapi.h in files.c, and then change lstrcatA to StrCatBuffA.
Arguably such buffer overflows in tests don't matter either way, but using a function that would silently truncate the path is not an improvement in general.
That makes sense. However, I misspoke when I said to change lstrcatA to StrCatBuffA: The compiler warning is about sprintf, not strcat. So in this case I think it would make the most sense to replace the sprintf with lstrcpyA and lstrcatA similar to the rest of the tests in the function.
-Alex