Learn how easy it is to sync an existing GitHub or Google Code repo to a SourceForge project! See Demo

Close

#145 Bug in ResourceLoaders.cpp

1.10.2
closed
5
2005-07-01
2005-06-21
Anonymous
No

In the following code segment (ResourceLoaders.cpp,
starting at line 24), its calculating the number of
TCHARS (stringlen) in the Resource and getting a
pointer to a buffer big enough(stringlen + 2) to hold the
resource but then when it goes to call LoadString it
passes a buffer length of ((stringLen+1)*2). LoadString
expects the length to be the number of TCHARS which
is what stringlen is. This may never cause a buffer
overrun to happen but BoundsChecker does flag it as a
problem.

int stringLen = ::SizeofResource(
g_testRunnerResource,
stringRes) / sizeof(TCHAR);
if (stringLen > 0)
{
LPTSTR stringBuffer = string.GetBuffer(
stringLen+2 );
int realStringLen = ::LoadString(
g_testRunnerResource,
stringId,
stringBuffer,
(stringLen+1)*2 );
string.ReleaseBuffer( realStringLen );

Discussion

    • status: open --> closed
     
  • Logged In: YES
    user_id=196852

    Do you have an alternative implementation that keep
    boundschecker happy ?

    Baptiste.

     
  • Logged In: NO

    I guess I question why use (stringLen+1)*2 ) in the call to
    LoadString, is the call to SizeofResource returning an invalid
    value? If it is, then allocate a buffer of (stringLen+1)*2 ) size
    or larger instead of (stringLen+2).