Alexandre Julliard : ntdll: Fixed buffer overflow in NtQueryDirectoryFile optimisation.

[Alexandre Julliard]

Module: wine
Branch: refs/heads/master
Commit: 2f356c785e9a98ae2b9addec83eb7c34ed7d6de8
URL:    http://source.winehq.org/git/?p=wine.git;a=commit;h=2f356c785e9a98ae2b9addec83eb7c34ed7d6de8

Author: Alexandre Julliard <julliard at winehq.org>
Date:   Mon Aug  7 13:53:31 2006 +0200

ntdll: Fixed buffer overflow in NtQueryDirectoryFile optimisation.

---

 dlls/ntdll/directory.c |    3 ++-
 1 files changed, 2 insertions(+), 1 deletions(-)

diff --git a/dlls/ntdll/directory.c b/dlls/ntdll/directory.c
index 84624a8..60aa5b5 100644
--- a/dlls/ntdll/directory.c
+++ b/dlls/ntdll/directory.c
@@ -1150,7 +1150,7 @@ static int read_directory_stat( int fd, 
     TRACE("trying optimisation for file %s\n", debugstr_us( mask ));
 
     unix_len = ntdll_wcstoumbs( 0, mask->Buffer, mask->Length / sizeof(WCHAR), NULL, 0, NULL, NULL );
-    if (!(unix_name = RtlAllocateHeap( GetProcessHeap(), 0, unix_len )))
+    if (!(unix_name = RtlAllocateHeap( GetProcessHeap(), 0, unix_len + 1)))
     {
         io->u.Status = STATUS_NO_MEMORY;
         return 0;
@@ -1159,6 +1159,7 @@ static int read_directory_stat( int fd, 
                            NULL, &used_default );
     if (ret > 0 && !used_default)
     {
+        unix_name[ret] = 0;
         if (restart_scan)
         {
             lseek( fd, 0, SEEK_SET );