Andrew Talbot wrote: > @@ -291,8 +291,9 @@ lend: > * > * Get DMP Name from the registry > */ > -HRESULT WINAPI DMOGetName(REFCLSID clsidDMO, WCHAR szName[80]) > +HRESULT WINAPI DMOGetName(REFCLSID clsidDMO, WCHAR szName[]) > { > +#define NAME_SIZE 80 /* Size of szName[] */ > WCHAR szguid[64]; > HRESULT hres; > HKEY hrkey = 0; > @@ -311,7 +312,7 @@ HRESULT WINAPI DMOGetName(REFCLSID clsidDMO, WCHAR > szName[80]) > if (ERROR_SUCCESS != hres) > goto lend; > > - count = sizeof(szName); > + count = NAME_SIZE; > hres = RegQueryValueExW(hkey, NULL, NULL, NULL, > (LPBYTE) szName, &count); >
This is incorrect. count is the size in bytes of the buffer passed in (szName) and so should be sizeof(szName) not sizeof(szName)/sizeof(szName[0]) (i.e. 80). I see this patch has already been committed, so a9200b24014607c4c82fb052b97de88daa804a81 should be reverted. If you want to pick up errors like passing the wrong size into functions then I would suggest using an automatic checker that is able to use semantic information, like Microsoft's PREfast. -- Rob Shearman