Text only | Text with Images

The International Simutrans Forum

Development => Patches & Projects => Incorporated Patches and Solved Bug Reports => Topic started by: Ters on September 12, 2015, 09:49:21 PM

Title: r7583 Buffer overrun bug
Post by: Ters on September 12, 2015, 09:49:21 PM
simsys.cc line 45 uses sizeof() when "lengthof()" is what should be used. The documentation for MultiByteToWideChar warns about the potential bug.
Title: Re: r7583 Buffer overrun bug
Post by: prissi on September 12, 2015, 10:19:45 PM
The documentation I read said "Size of buffer in chars". I would have used lengthof otherwise; or did Microsoft mean size of wchars by this? Then they should have stated it correctly and not indirectly. Sigh.
Title: Re: r7583 Buffer overrun bug
Post by: Ters on September 13, 2015, 08:12:11 AM
The docs for the parameter says "Size, in characters, of the buffer indicated by lpWideCharStr" not chars. The warning at the top says "Calling this function can easily cause a buffer overrun because the size of the input buffer indicated by lpMultiByteStr equals the number of bytes in the string, while the size of the output buffer indicated by lpWideCharStr equals the number of characters."
Text only | Text with Images