BUG: CLIPOBJ_bEnum Can Overwrite End of Buffer

ID: Q126417


The information in this article applies to:


SYMPTOMS

If the buffer size used for CLIPOBJ_bEnum is a multiple of 16, this call may overwrite past the end of the buffer possibly causing heap or stack corruption or returning invalid data.


CAUSE

The internals of the CLIPOBJ may not account for the size of the count member that it must return in the buffer.


STATUS

Microsoft has confirmed this to be a problem in the Windows NT DDK version 3.10 and 3.50. We are researching this problem and will post new information here in the Microsoft Knowledge Base as it becomes available.

Additional query words: 3.10 3.50


Keywords          : 
Version           : 
Platform          : 
Issue type        : 

Last Reviewed: March 2, 1999