Re: odbccp32: Implement SQLGetPrivateProfileStringW/SQLGetPrivateProfileString

On 20.07.2015 12:53, Alistair Leslie-Hughes wrote:

•    else
  

•    {
  

•        WCHAR name[MAX_PATH];
  

•        DWORD index = 0;
  

•        DWORD namelen;
  

•        usedefault = FALSE;
  

•        memset(buff, 0, buff_len);
  

•        namelen = sizeof(name);
  

•        while (RegEnumValueW(sectionkey, index, name, &namelen, NULL, NULL, NULL, NULL ) == ERROR_SUCCESS)
  

•        {
  

•            lstrcpyW(buff+ret, name);
  

•            ret += namelen+1;
  

•            namelen = sizeof(name);
  

•            index++;
  

•        }
  

•    }
  

In this new case you unconditionally write to 'buff' without checking if you already exceeded 'buff_len'. Also memset of whole buffer looks suspicious and I don't see anything in tests that proves it.