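Heap corruption caused by strcpy
writing one byte past the end of the allocated memory (the terminating '\0' character). strcpy always copies the terminator, so a buffer sized to strlen() of the source string is one byte too small; the allocation needs strlen() + 1 bytes. The snippets below show the affected allocations (in the first one, `len` presumably does not include the terminator).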
|
stash->name = (char *)malloc(len);//D2FogMemAlloc(len,__FILE__,__LINE__,0); |
|
strcpy(stash->name, name); |
|
if (strlen((char *)&data[curSize])) |
|
ptStash->name = (char*)malloc(strlen((char *)&data[curSize]));//D2AllocMem(PCGame->memoryPool, strlen((char *)&data[curSize]),__FILE__,__LINE__,0); |
|
if (ptStash->name) |
|
strcpy(ptStash->name, (char *)&data[curSize]); |
![Untitled](https://user-images.githubusercontent.com/71973715/98352286-79d85980-2026-11eb-8241-306d4f4fc169.png)