Robert Shearman rob@codeweavers.com writes:
--- wine/dlls/wininet/http.c 4 Jul 2004 00:24:47 -0000 1.65 +++ wine/dlls/wininet/http.c 13 Jul 2004 16:23:11 -0000 @@ -1131,8 +1186,8 @@ if( result ) { len = WideCharToMultiByte( CP_ACP,0, bufferW, len / sizeof(WCHAR),
lpBuffer, *lpdwBufferLength, NULL, NULL );
*lpdwBufferLength = len * sizeof(WCHAR);
lpBuffer, *lpdwBufferLength+1, NULL, NULL );
*lpdwBufferLength = (len-1) * sizeof(CHAR);
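Review bot: The destination size in the new WideCharToMultiByte call, `*lpdwBufferLength+1`, is one byte more than the length the caller supplied for lpBuffer, so a conversion that fills the buffer can write one byte past its end. Keep the size argument at `*lpdwBufferLength`. If the output must be terminated, make sure the source count `len / sizeof(WCHAR)` includes the terminating character, because with an explicit source length the function neither appends a terminator nor counts one in its return value. The following `(len-1)` also needs a guard: WideCharToMultiByte returns 0 on failure, and in that case the subtraction would store a wrapped-around length in `*lpdwBufferLength`.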
It seems to me this would potentially write beyond the end of the buffer, that doesn't look right.
Alexandre Julliard wrote:
Robert Shearman rob@codeweavers.com writes:
--- wine/dlls/wininet/http.c 4 Jul 2004 00:24:47 -0000 1.65 +++ wine/dlls/wininet/http.c 13 Jul 2004 16:23:11 -0000 @@ -1131,8 +1186,8 @@ if( result ) { len = WideCharToMultiByte( CP_ACP,0, bufferW, len / sizeof(WCHAR),
lpBuffer, *lpdwBufferLength, NULL, NULL );
*lpdwBufferLength = len * sizeof(WCHAR);
lpBuffer, *lpdwBufferLength+1, NULL, NULL );
*lpdwBufferLength = (len-1) * sizeof(CHAR);
It seems to me this would potentially write beyond the end of the buffer, that doesn't look right.
From: http://msdn.microsoft.com/library/default.asp?url=/library/en-us/wininet/win...
In the case of a string, the byte count does not include the string's terminating null character.
Since WideCharToMultiByte returns the number of bytes written including the null terminator it is required to take one away from it, although the misleading *sizeof(CHAR) can be removed.
Rob
Robert Shearman rob@codeweavers.com writes:
In the case of a string, the byte count does not include the string's terminating null character.
Since WideCharToMultiByte returns the number of bytes written including the null terminator it is required to take one away from it, although the misleading *sizeof(CHAR) can be removed.
I meant the line above, where you use *lpdwBufferLength+1, this will overflow the buffer. Note that since len doesn't include the terminating NULL, converting len/sizeof(WCHAR) characters won't get you a terminating NULL even with a larger dest buffer.