Rob Shearman : secur32: NTLM - don'
t bother nul terminating the password string as nothing relies on it
being nul terminated .
Alexandre Julliard
julliard at wine.codeweavers.com
Tue Mar 6 16:13:16 CST 2007
Module: wine
Branch: master
Commit: d9229bd1c5df8ed471682f45bc2b57e2e268639d
URL: http://source.winehq.org/git/wine.git/?a=commit;h=d9229bd1c5df8ed471682f45bc2b57e2e268639d
Author: Rob Shearman <rob at codeweavers.com>
Date: Tue Mar 6 13:31:33 2007 +0000
secur32: NTLM - don't bother nul terminating the password string as nothing relies on it being nul terminated.
---
dlls/secur32/ntlm.c | 11 +++++------
1 files changed, 5 insertions(+), 6 deletions(-)
diff --git a/dlls/secur32/ntlm.c b/dlls/secur32/ntlm.c
index 4f21917..a75b4b8 100644
--- a/dlls/secur32/ntlm.c
+++ b/dlls/secur32/ntlm.c
@@ -227,7 +227,7 @@ static SECURITY_STATUS SEC_ENTRY ntlm_AcquireCredentialsHandleW(
helper->pwlen = WideCharToMultiByte(CP_UNIXCP,
WC_NO_BEST_FIT_CHARS, auth_data->Password,
auth_data->PasswordLength, NULL, 0, NULL,
- NULL) + 1;
+ NULL);
helper->password = HeapAlloc(GetProcessHeap(), 0,
helper->pwlen);
@@ -235,7 +235,6 @@ static SECURITY_STATUS SEC_ENTRY ntlm_AcquireCredentialsHandleW(
WideCharToMultiByte(CP_UNIXCP, WC_NO_BEST_FIT_CHARS,
auth_data->Password, auth_data->PasswordLength,
helper->password, helper->pwlen, NULL, NULL);
- helper->password[helper->pwlen - 1] = '\0';
}
}
@@ -507,11 +506,11 @@ static SECURITY_STATUS SEC_ENTRY ntlm_InitializeSecurityContextW(
{
lstrcpynA(buffer, "PW ", max_len-1);
if((ret = encodeBase64((unsigned char*)helper->password,
- helper->pwlen-1, buffer+3,
+ helper->pwlen, buffer+3,
max_len-3, &buffer_len)) != SEC_E_OK)
{
TRACE("Deleting password!\n");
- memset(helper->password, 0, helper->pwlen-1);
+ memset(helper->password, 0, helper->pwlen);
HeapFree(GetProcessHeap(), 0, helper->password);
goto isc_end;
}
@@ -695,7 +694,7 @@ static SECURITY_STATUS SEC_ENTRY ntlm_InitializeSecurityContextW(
helper->pwlen, unicode_password, passwd_lenW);
SECUR32_CreateNTLMv1SessionKey((PBYTE)unicode_password,
- lstrlenW(unicode_password) * sizeof(SEC_WCHAR), helper->session_key);
+ passwd_lenW * sizeof(SEC_WCHAR), helper->session_key);
HeapFree(GetProcessHeap(), 0, unicode_password);
}
@@ -739,7 +738,7 @@ static SECURITY_STATUS SEC_ENTRY ntlm_InitializeSecurityContextW(
{
TRACE("Deleting password!\n");
if(helper->password)
- memset(helper->password, 0, helper->pwlen-1);
+ memset(helper->password, 0, helper->pwlen);
HeapFree(GetProcessHeap(), 0, helper->password);
}
isc_end:
More information about the wine-cvs
mailing list