Closed hfiref0x closed 5 years ago
RpcCommon\Misc.c https://github.com/silverf0x/RpcView/blob/c108da277be48accb3c6aaeb4af752a2028069bf/RpcCommon/Misc.c#L222
where
memcpy destination
https://github.com/silverf0x/RpcView/blob/c108da277be48accb3c6aaeb4af752a2028069bf/RpcCommon/Misc.h#L27
memcpy source
https://github.com/silverf0x/RpcView/blob/c108da277be48accb3c6aaeb4af752a2028069bf/RpcCommon/Misc.c#L178
memcpy number of bytes to copy = sizeof(pLocationInfo->Location) is 520 bytes.
The 520 bytes copied from source may lead to crash if memory beyond this array is not available.
Split from #17
Edit: By the way, I can't find where this routine used.
RpcCommon\Misc.c https://github.com/silverf0x/RpcView/blob/c108da277be48accb3c6aaeb4af752a2028069bf/RpcCommon/Misc.c#L222
where
memcpy destination
https://github.com/silverf0x/RpcView/blob/c108da277be48accb3c6aaeb4af752a2028069bf/RpcCommon/Misc.h#L27
memcpy source
https://github.com/silverf0x/RpcView/blob/c108da277be48accb3c6aaeb4af752a2028069bf/RpcCommon/Misc.c#L178
memcpy number of bytes to copy = sizeof(pLocationInfo->Location) is 520 bytes.
The 520 bytes copied from source may lead to crash if memory beyond this array is not available.
Split from #17
Edit: By the way, I can't find where this routine used.