Opened 14 years ago

Closed 14 years ago

#1260 closed Bug (Fixed)

Buffer overflow in _WinAPI_GetLastErrorMessage()

Reported by: danielkza Owned by: Valik
Milestone: Component: Standard UDFs
Version: Severity: Blocking
Keywords: Cc:


Func _WinAPI_GetLastErrorMessage()
  Local $tText

  $tText = DllStructCreate("char Text[4096]")

 _WinAPI_FormatMessage($__WINAPCONSTANT_FORMAT_MESSAGE_FROM_SYSTEM, 0, _WinAPI_GetLastError(), 0, DllStructGetPtr($tText), 4096, 0)
  Return DllStructGetData($tText, "Text")
EndFunc   ;==>_WinAPI_GetLastErrorMessage

The 'nSize' parameter passed is not accounting for the terminating null character: it should be 4095, or the array size should be changed to 4097, according to MSDN's example code.

Another solution (a more elegant one, in my view) is letting FormatMessage allocate the buffer. The attached file contains a implementation of this method.

Thank you,

Attachments (1)

WinAPI_GetLastErrorMessageW.au3 (1.0 KB) - added by danielkza 14 years ago.

Download all attachments as: .zip

Change History (3)

Changed 14 years ago by danielkza


comment:1 Changed 14 years ago by Valik

  • Severity changed from None to Blocking

comment:2 Changed 14 years ago by Valik

  • Milestone set to
  • Owner changed from Gary to Valik
  • Resolution set to Fixed
  • Status changed from new to closed

Fixed by revision [5355] in version:

Guidelines for posting comments:

  • You cannot re-open a ticket but you may still leave a comment if you have additional information to add.
  • In-depth discussions should take place on the forum.

For more information see the full version of the ticket guidelines here.

Add Comment

Modify Ticket

as closed The owner will remain Valik.

E-mail address and user name can be saved in the Preferences.

Note: See TracTickets for help on using tickets.