HINT: Spotting Code Defects #2 (Accessing Registry Values)


There are a few defects here … ranging from a design issue to a potential buffer-overrun that could cause your system to be comprised and the attacker to be able to execute arbitrary code on your machine.


Hint #1:  It is not only important to test return values, but also to make sure you understand how to get extended error information.


Hint #2: What is the potential range of values for a LONG?


Hint #3: Is the caller given enough information on error?


Hint #4: http://dictionary.reference.com/search?q=deprecated


Think you know the defects?  Post your comments!