[
https://issues.apache.org/jira/browse/XERCESC-2179?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16966627#comment-16966627
]
martin goodall commented on XERCESC-2179:
-----------------------------------------
unfortunately you are not correct :). On a 64 bit platform a LPDWORD is a far
double word which is 16 bytes long, not 8. This was double check with a simple
printf("%1lu\n", sizeof(LPDWORD))" which prints 16;
Adding 1 byte is clearly documented by Microsoft and its nothing to do with the
length of the buffer but where the NULL character is. Although unlikely to make
a difference, without MS source code, you don't know the effect. I document
above a scenario where it would have an effect (although it would be poor
coding on MS behalf), however, when a function is documented how to use, code
should use it that way to avoid risk.
> access violation in win32transservice.cpp with 64 bit compile
> -------------------------------------------------------------
>
> Key: XERCESC-2179
> URL: https://issues.apache.org/jira/browse/XERCESC-2179
> Project: Xerces-C++
> Issue Type: Bug
> Components: DOM
> Affects Versions: 3.2.2
> Reporter: martin goodall
> Assignee: Alberto Massari
> Priority: Blocker
> Fix For: 3.2.3
>
> Attachments: Win32TransService.cpp
>
>
> calls to ::Reg... to get registry info are passing in stack variables that
> are 8 bytes long into functions that overwrite 16 bytes, causing memory
> overwrite and very random segs.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
