On 05/24/2010 11:10 AM, Bruno Haible wrote:
Hi,Another fix, independent of my previous patch: Avoid an access beyond end of buffer. Recall that the second argument to re_search is 'buf', therefore indices returned by re_search are relative to 'buf', not to 'beg'. The expression WCHAR ((unsigned char) match[len]) is only valid if &match[len]< end - 1 <==> buf + start + len< end - 1 <==> start + len< end - buf - 1 The previous test len< end - beg - 1 is wrong because match may be != beg or equivalently start may be != beg - buf. Bruno
Correct, I'll apply the patch. Paolo
