Jacek Caban (@jacek) commented about dlls/opengl32/unix_wgl.c:

•    if (!(extensions = malloc( size * sizeof(*extensions) + (ptr - str) ))) return;
  

•    for (out = (char *)&extensions[size], ptr = str; *ptr; out++, ptr++)
     {
  

•        if (*ext == ' ')
  

•        {
  

•            *ext = 0;
  

•            extensions[count++] = ext + 1;
  

•        }
  

•        ext++;
  

•        if (ptr == str || ptr[-1] == ' ') extensions[count++] = out;
  

•        *out = *ptr == ' ' ? 0 : *ptr;
     }
  

•    assert( count + ARRAYSIZE(legacy_extensions) - 1 == size );
  

•    if (ptr != str) *out = 0;
  

This may overflow the allocated buffer.