On Thu Sep 22 12:12:12 2022 +0000, Piotr Caban wrote:
I agree with Paul, it's not something we want to add.
You are right that it is not necessary to replace all stack buffers. In many cases the bounds are handled properly. However, while fixing stack overflows in shell32/shlexec.c, I repeatedly used the same malloc & strlen functions for manual length calculations, which is error-prone. Furthermore, the final string length can sometimes not be easily computed (e.g. `SHELL_ArgifyW`). That is why I came to the conclusion that moving basic operations (i.e. string concat or string formatting) to helper functions would be the safest and most convenient approach. In performance-critical cases the container should be preallocated with the expected final size (where applicable) to avoid realloc overhead.
---
On another note: It seems that there is a mismatch in (wine)gcc vs mingw compiler flags and/or behavior? Even `-Wall` in (wine)gcc did not show any of the warnings which are shown in the buildbot log.
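
The helper approach described in the reply above, sketched as an added example (not Wine code and not taken from the change under discussion). `struct strbuf` and the `strbuf_*` names are hypothetical, and it uses `char` rather than `WCHAR` for brevity:

```c
#include <stdarg.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical growable string; len excludes the terminator, cap includes it. */
struct strbuf { char *data; size_t len, cap; };

/* Preallocate with the expected final size to avoid realloc overhead later. */
static int strbuf_init(struct strbuf *b, size_t expected) {
    b->len = 0;
    b->cap = expected + 1;
    b->data = malloc(b->cap);
    if (!b->data) return -1;
    b->data[0] = '\0';
    return 0;
}

/* Ensure room for `extra` more chars plus the terminator, growing geometrically. */
static int strbuf_reserve(struct strbuf *b, size_t extra) {
    size_t need, cap = b->cap;
    char *p;
    if (extra > SIZE_MAX - b->len - 1) return -1;   /* length sum would wrap */
    need = b->len + extra + 1;
    if (need <= cap) return 0;
    while (cap < need) cap = cap > SIZE_MAX / 2 ? need : cap * 2;
    if (!(p = realloc(b->data, cap))) return -1;    /* old buffer stays valid */
    b->data = p; b->cap = cap;
    return 0;
}

/* Concatenation: the only place a length is computed and a copy is made. */
static int strbuf_append(struct strbuf *b, const char *s) {
    size_t n = strlen(s);
    if (strbuf_reserve(b, n)) return -1;
    memcpy(b->data + b->len, s, n + 1);
    b->len += n;
    return 0;
}

/* Formatting: measure with a NULL destination, reserve, then write. */
static int strbuf_appendf(struct strbuf *b, const char *fmt, ...) {
    va_list ap; int n;
    va_start(ap, fmt); n = vsnprintf(NULL, 0, fmt, ap); va_end(ap);
    if (n < 0 || strbuf_reserve(b, (size_t)n)) return -1;
    va_start(ap, fmt); vsnprintf(b->data + b->len, (size_t)n + 1, fmt, ap); va_end(ap);
    b->len += (size_t)n;
    return 0;
}
```

Callers never compute a destination size themselves, so cases where the final length is hard to predict go through the same checked growth path as simple concatenation.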