Q126417 - BUG: CLIPOBJ_bEnum Can Overwrite End of Buffer

BUG: CLIPOBJ_bEnum Can Overwrite End of Buffer

Q126417

The information in this article applies to:

Microsoft Win32 Device Driver Kit (DDK) for Windows NT, version 3.5

SYMPTOMS

If the buffer size used for CLIPOBJ_bEnum is a multiple of 16, this call may overwrite past the end of the buffer possibly causing heap or stack corruption or returning invalid data.

CAUSE

The internals of the CLIPOBJ may not account for the size of the count member that it must return in the buffer.

STATUS

Microsoft has confirmed this to be a problem in the Windows NT DDK version 3.10 and 3.50. We are researching this problem and will post new information here in the Microsoft Knowledge Base as it becomes available.

Additional query words: 3.10 3.50

Keywords :
Issue type :
Technology : kbAudDeveloper kbWinDDKSearch kbWin32sSearch kbWin32DDKSearch kbWin32DDKNT350 kbWin32DDKNTSearch