"Dan Kegel" dank@kegel.com writes:
Fixes an off-by-one buffer overflow in wine_debugstr_wn() in which the wchar after the end of the buffer was read.
This is same as try 2, but is slightly clearer and more correct.
Found via Valgrind warning: Conditional jump or move depends on uninitialised value(s) at 0x45F3219: wine_debugstr_wn (registry.c:151) by 0x45F34F5: test_hkey_main_Value_W (registry.c:284) by 0x45F7644: func_registry (registry.c:327) by 0x460A127: run_test (test.h:387)
Alexandre, if you don't like this 'un, please tell me why.
That function is really supposed to print n chars, not n-1. The terminating null probably needs to be included in the length.
On 11/7/07, Alexandre Julliard julliard@winehq.org wrote:
That function is really supposed to print n chars, not n-1. The terminating null probably needs to be included in the length.
Hmm. The function is only called on registry keys and values, none of which are really nul terminated (and some vendors use embedded nuls on purpose). I think the unconditional nul termination check is a bug introduced when the author forked the function from the copy in libs/wine/debug.c. Patch coming...
-
Alexandre Julliard -
Dan Kegel