[Libreoffice-bugs] [Bug 104694] When launching RegEnumValue generating buffer overflows concerning fonts

[bugzilla-daemon]

https://bugs.documentfoundation.org/show_bug.cgi?id=104694

Buovjaga  changed:

   What|Removed |Added

   Keywords|needsDevAdvice  |
 Status|UNCONFIRMED |RESOLVED
 Resolution|--- |NOTABUG

--- Comment #7 from Buovjaga  ---
OK, Tor gave it some thought on IRC and I think this can be closed as harmless.
I am including the comments below.

Those registry value lookups where that BUFFER OVERFLOW is reported are not
from LO code, I think 

I don't see we would look up MachinePreferredUILanguages or
PreferredUILanguages, for instance 

I'd say it's a red herring

isn't the normal way to retrieve some data of unknown length, in the Win32 API,
to first retrieve it using some small buffer, get an error *and* information
how large buffer is needed, and then ask again? 

as far as I can guess, that is exactly what is going on here 

because after each "BUFFER OVERFLOW", is a new attempt to get the same data 
at least many of the cases

-- 
You are receiving this mail because:
You are the assignee for the bug.___
Libreoffice-bugs mailing list
Libreoffice-bugs@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/libreoffice-bugs

[Libreoffice-bugs] [Bug 104694] When launching RegEnumValue generating buffer overflows concerning fonts

[bugzilla-daemon]

https://bugs.documentfoundation.org/show_bug.cgi?id=104694

Buovjaga  changed:

   What|Removed |Added

   Keywords||needsDevAdvice
 CC||todven...@suomi24.fi

--- Comment #6 from Buovjaga  ---
I found this
http://superuser.com/questions/491597/process-monitor-entrys-with-buffer-overflow

"This is not an error. What is happening is the program is requesting data the
length of which it does not know. It provides an initial buffer. If it is too
small, a Buffer Overflow is returned together with the size needed and the
program can reissue the request with the correct size. Do not confuse with the
use of the term buffer overflow to designate the erroneous overwriting of data
which can lead to a security vulnerability."

So it might not be anything harmful. Let's leave this open for now until some
dev investigates.

-- 
You are receiving this mail because:
You are the assignee for the bug.___
Libreoffice-bugs mailing list
Libreoffice-bugs@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/libreoffice-bugs

[Libreoffice-bugs] [Bug 104694] When launching RegEnumValue generating buffer overflows concerning fonts

[bugzilla-daemon]

https://bugs.documentfoundation.org/show_bug.cgi?id=104694

Telesto  changed:

   What|Removed |Added

Summary|RegEnumValue generating |When launching RegEnumValue
   |buffer overflows concerning |generating buffer overflows
   |fonts   |concerning fonts

-- 
You are receiving this mail because:
You are the assignee for the bug.___
Libreoffice-bugs mailing list
Libreoffice-bugs@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/libreoffice-bugs