On Apr 22, 2013, at 1:17 PM, Kirill Smirnov wrote: > While debugging bug #33307 (http://bugs.winehq.org/show_bug.cgi?id=33307) > I found a suspicious piece of code, looking like off-by-one error. > > Unfortunately, I'm not familiar with this part of wine and I don't know > how to write corresponding test case. > > If you familiar with this module, please, take a look at this > wanna-be-a-bug and the proposed patch.
I'm not familiar with the module, but on reviewing your patch and the local code it does appear that you have found a bug. Your fix seems reasonable, although I think I'd change the memcpy() to use dest_name.Length + sizeof(WCHAR) as the length. That way you don't have to duplicate the memcpy with two different lengths. I don't think you have to worry about a test case. This isn't a question about observable behavior of some Win32 API, it's just making Wine not write past the end of a buffer. Cheers, Ken
