wcstombs() doesn't guarantee NUL-termination (format_win32_error())
[censored] points out that wcstombs()
does not guarantee NUL-termination of the output buffer.
He thinks that with a sufficiently large error message in format_win32_error()
, and if UNICODE
is set, tor_strdup()
will also copy chunks of the stack.