[Ndiswrapper-general] bug in ndis.c?
Status: Beta
Brought to you by:
pgiri
Menu
▾
▴
[Ndiswrapper-general] bug in ndis.c?
|
From: Nicholas M. <ma...@ok...> - 2005-05-10 23:09:29
|
I noticed something funny with the function STDCALL NDIS_STATUS WRAP_EXPORT(NdisMRegisterMiniport) on line 150 of ndis.c (1.2rc1). On line 197/198 memcpy(&ndis_driver->miniport, miniport_char, sizeof(struct miniport_char)); This command copies the MiniportCharacteristics structure from the driver. However the size is really given by char_len given by the driver. For my system (bcmwl5.sys), W_CANCEL_SEND_PACKETS_HANDLER W_PNP_EVENT_NOTIFY_HANDLER W_MINIPORT_SHUTDOWN_HANDLER get set even if even though the driver does not provide them in the entry routine. Should the memory copy be memcpy(&ndis_driver->miniport, miniport_char, char_len));?? (with an additional check on char_len to insure that it is not greater then sizeof(struct miniport_char)). Is this a real bug, or does it have no effect? Nick |