Fix buffer overflow (spotted by Detlef Riekenberg in wine-devel ML)

author Hervé Poussineau <hpoussin@reactos.org>

Sun, 7 May 2006 09:32:56 +0000 (09:32 +0000)

committer Hervé Poussineau <hpoussin@reactos.org>

Sun, 7 May 2006 09:32:56 +0000 (09:32 +0000)
author Hervé Poussineau <hpoussin@reactos.org>
Sun, 7 May 2006 09:32:56 +0000 (09:32 +0000)
committer Hervé Poussineau <hpoussin@reactos.org>
Sun, 7 May 2006 09:32:56 +0000 (09:32 +0000)
diff --git a/reactos/dll/win32/setupapi/parser.c b/reactos/dll/win32/setupapi/parser.c

index e6934ad..8444810 100644 (file)
--- a/reactos/dll/win32/setupapi/parser.c
+++ b/reactos/dll/win32/setupapi/parser.c
@@ -953,10 +953,10 @@ static struct inf_file *parse_file( HANDLE handle, UINT *error_line )
      else
      {
          WCHAR *new_buff = (WCHAR *)buffer;
-        /* Some UNICODE files may start with the UNICODE marker */
+        /* UCS-16 files should start with the Unicode BOM; we should skip it */
          if (*new_buff == 0xfeff)
              new_buff++;
-        err = parse_buffer( file, new_buff, (WCHAR *)((char *)new_buff + size), error_line );
+        err = parse_buffer( file, new_buff, (WCHAR *)((char *)buffer + size), error_line );
      }
  
      if (!err)  /* now check signature */
author	Hervé Poussineau <hpoussin@reactos.org>
	Sun, 7 May 2006 09:32:56 +0000 (09:32 +0000)
committer	Hervé Poussineau <hpoussin@reactos.org>
	Sun, 7 May 2006 09:32:56 +0000 (09:32 +0000)