Guard against invalid string values of length 1 in wxRegKey

It is not really clear if it can happen, but avoid integer underflow in case it somehow does and just discard the single byte which can't represent a valid UTF-16 character anyhow. See #16719.
2016-01-30 00:45:40 +01:00
parent 142edf8b78
commit d00fef689f
1 changed files with 3 additions and 4 deletions
--- a/src/msw/registry.cpp
+++ b/src/msw/registry.cpp
@@ -1023,7 +1023,9 @@ bool wxRegKey::QueryValue(const wxString& szValue,
                return false;
            }

-            if ( !dwSize )
+            // We need length in characters, not bytes.
+            DWORD chars = dwSize / sizeof(wxChar);
+            if ( !chars )
            {
                // must treat this case specially as GetWriteBuf() doesn't like
                // being called with 0 size
@@ -1033,9 +1035,6 @@ bool wxRegKey::QueryValue(const wxString& szValue,
            {
                // extra scope for wxStringBufferLength
                {
-                    // We need length in characters, not bytes.
-                    DWORD chars = dwSize / sizeof(wxChar);
-
                    wxStringBufferLength strBuf(strValue, chars);
                    m_dwLastError = RegQueryValueEx((HKEY) m_hKey,
                                                    RegValueStr(szValue),