Re: dmband: Indirection levels fix

Andrew Talbot wrote:

diff --git a/dlls/dmband/band.c b/dlls/dmband/band.c index 891fb5a..8b89573 100644 --- a/dlls/dmband/band.c +++ b/dlls/dmband/band.c @@ -173,7 +173,7 @@ static HRESULT WINAPI IDirectMusicBandImpl_IDirectMusicObject_SetDescriptor (LPD This->pDesc->ftDate = pDesc->ftDate; if (pDesc->dwValidData & DMUS_OBJ_MEMORY) { This->pDesc->llMemLength = pDesc->llMemLength;

• memcpy (This->pDesc->pbMemData, pDesc->pbMemData, sizeof (pDesc->pbMemData));
  

• memcpy (&This->pDesc->pbMemData, &pDesc->pbMemData, sizeof (pDesc->pbMemData));
  

  } if (pDesc->dwValidData & DMUS_OBJ_STREAM) { /* according to MSDN, we copy the stream */

This isn't correct. Judging by the surrounding code, this should be allocating a block of memory of This->pDesc->pbMemData and then passing pDesc->llMemLength into memcpy, possibly validating that pDesc->llMemLength isn't greater than UINT_MAX to avoid an overflow.