Fixed potential buffer overrun in Win32 OpenGL error handling

[MarioLiebisch]

This fixes issue #1245.

[binary1248]

Is PTCHAR the right type for the cast?

[MarioLiebisch]

Yes and no. While you're supposed to pass a TCHAR** to retrieve a system allocated buffer, the signature only accepts a TCHAR* (i.e. PTCHAR). Remember, we're in C land here, so no overloads. :)

[binary1248]

buffer is already a PTCHAR, so the & operator would make it a PTCHAR*?

[MarioLiebisch]

Yes, you basically cast away the second layer of reference for the signature alone. You'll pass a PTCHAR*, because it's a return value here.

[binary1248]

Why not cast it to a LPTSTR then?

[MarioLiebisch]

I actually copied the snippet from SFML's Joystick handling. That would probably be an even "more correct" solution I guess.

[GatoRat]

This still has a serious bug:

The FORMAT_MESSAGE_IGNORE_INSERTS flag should be added to the FormatMessage call.

Be aware that buffer may be null.

(In the original code the above flag should be added, the buffer length set correctly and the return code checked for zero.)

[eXpl0it3r]

Bump.

Any alternative solution?

[binary1248]

@MarioLiebisch

String getErrorString(DWORD errorCode)
{
    PTCHAR buffer;
    if (FormatMessage(FORMAT_MESSAGE_MAX_WIDTH_MASK | FORMAT_MESSAGE_ALLOCATE_BUFFER | FORMAT_MESSAGE_FROM_SYSTEM | FORMAT_MESSAGE_IGNORE_INSERTS, NULL, errorCode, 0, reinterpret_cast<LPTSTR>(&buffer), 256, NULL) != 0)
    {
        String errMsg(buffer);
        LocalFree(buffer);
        return errMsg;
    }

    std::ostringstream ss;
    ss << "Error " << errorCode;
    return String(ss.str());
}

[eXpl0it3r]

Any update on this one, @MarioLiebisch? Or do you want to take over, @binary1248?

[eXpl0it3r]

@binary1248 can you re-review this? I applied the suggested change.