GCC compiles ber_tag_t and ber_len_t as 64-bit types on 64-bit machines, but in Win64 they are 32-bit. As va_list arguments they pass unchecked and unconverted.
Signed-off-by: Conor McCarthy cmccarthy@codeweavers.com --- dlls/wldap32/ber.c | 16 ++++++++++------ 1 file changed, 10 insertions(+), 6 deletions(-)
diff --git a/dlls/wldap32/ber.c b/dlls/wldap32/ber.c index c2c6f269..d8fd502d 100644 --- a/dlls/wldap32/ber.c +++ b/dlls/wldap32/ber.c @@ -353,7 +353,7 @@ INT WINAPIV WLDAP32_ber_printf( BerElement *berelement, PCHAR fmt, ... ) } case 't': { - unsigned int tag = va_arg( list, unsigned int ); + ber_tag_t tag = va_arg( list, ULONG ); ret = ber_printf( berelement, new_fmt, tag ); break; } @@ -372,7 +372,7 @@ INT WINAPIV WLDAP32_ber_printf( BerElement *berelement, PCHAR fmt, ... ) case 'X': { char *str = va_arg( list, char * ); - int len = va_arg( list, int ); + ber_len_t len = va_arg( list, ULONG ); new_fmt[0] = 'B'; /* 'X' is deprecated */ ret = ber_printf( berelement, new_fmt, str, len ); break; @@ -447,8 +447,10 @@ INT WINAPIV WLDAP32_ber_scanf( BerElement *berelement, PCHAR fmt, ... ) } case 't': { - unsigned int *tag = va_arg( list, unsigned int * ); - ret = ber_scanf( berelement, new_fmt, tag ); + ULONG *tag = va_arg( list, ULONG * ); + ber_tag_t ber_tag; + ret = ber_scanf( berelement, new_fmt, &ber_tag ); + *tag = ber_tag; break; } case 'v': @@ -460,8 +462,10 @@ INT WINAPIV WLDAP32_ber_scanf( BerElement *berelement, PCHAR fmt, ... ) case 'B': { char **str = va_arg( list, char ** ); - int *len = va_arg( list, int * ); - ret = ber_scanf( berelement, new_fmt, str, len ); + ULONG *len = va_arg( list, ULONG * ); + ber_len_t ber_len; + ret = ber_scanf( berelement, new_fmt, str, &ber_len ); + *len = ber_len; break; } case 'O':