niansa-misc/wine
1
0
Fork 0
mirror of synced 2025-03-07 03:53:26 +01:00
Code Issues Projects Releases Packages Wiki Activity

krnl386.exe16: Don't overflow when calculating size.

Browse source 
The application again the bug, passed 1 as the elem parameter which
doubled the memory being allocated.  When it overflowed (became negative),
the value was passed into GlobalAlloc16 which then failed.

GlobalAlloc16 takes a DWORD parameter, so the value isn't going to be truncated.

Wine-Bug: https://bugs.winehq.org/show_bug.cgi?id=53092

Original patch by github user cracyc for winevdm.
This commit is contained in:
Alistair Leslie-Hughes 2023-06-01 17:51:00 +10:00 committed by Alexandre Julliard
parent c1588b1bfd
commit 77e0aae7f3
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
dlls/krnl386.exe16/ne_segment.c
View file

@ -945,7 +945,7 @@ static WORD NE_Ne2MemFlags(WORD flags)
*/
DWORD WINAPI MyAlloc16( WORD wFlags, WORD wSize, WORD wElem )
{
WORD size = wSize << wElem;
DWORD size = wSize << wElem;
HANDLE16 hMem = 0;
if (wSize || (wFlags & NE_SEGFLAGS_MOVEABLE))