Hans Leidekker : advapi32: Fix handling of zero account and domain size parameters in LookupAccountSid .

[Alexandre Julliard]

Module: wine
Branch: master
Commit: 0cffcb77d6e624bcc7567ebcfaecb0ef730e7a7e
URL:    http://source.winehq.org/git/wine.git/?a=commit;h=0cffcb77d6e624bcc7567ebcfaecb0ef730e7a7e

Author: Hans Leidekker <hans at codeweavers.com>
Date:   Tue Sep 21 12:54:50 2010 +0200

advapi32: Fix handling of zero account and domain size parameters in LookupAccountSid.

---

 dlls/advapi32/security.c       |   15 ++++++++++++---
 dlls/advapi32/tests/security.c |   12 +++++++++++-
 2 files changed, 23 insertions(+), 4 deletions(-)

diff --git a/dlls/advapi32/security.c b/dlls/advapi32/security.c
index 3e7699a..0458033 100644
--- a/dlls/advapi32/security.c
+++ b/dlls/advapi32/security.c
@@ -2069,6 +2069,11 @@ LookupAccountSidA(
         } else
             *domainSize = domainSizeW + 1;
     }
+    else
+    {
+        *accountSize = accountSizeW + 1;
+        *domainSize = domainSizeW + 1;
+    }
 
     HeapFree( GetProcessHeap(), 0, systemW );
     HeapFree( GetProcessHeap(), 0, accountW );
@@ -2225,8 +2230,11 @@ LookupAccountSidW(
             if (domain)
                 lstrcpyW(domain, dm);
         }
-        if (((*accountSize != 0) && (*accountSize < ac_len)) ||
-            ((*domainSize != 0) && (*domainSize < dm_len))) {
+        if ((*accountSize && *accountSize < ac_len) ||
+            (!account && !*accountSize && ac_len)   ||
+            (*domainSize && *domainSize < dm_len)   ||
+            (!domain && !*domainSize && dm_len))
+        {
             SetLastError(ERROR_INSUFFICIENT_BUFFER);
             status = FALSE;
         }
@@ -2238,9 +2246,10 @@ LookupAccountSidW(
             *accountSize = ac_len;
         else
             *accountSize = ac_len + 1;
-        *name_use = use;
+
         HeapFree(GetProcessHeap(), 0, account_name);
         HeapFree(GetProcessHeap(), 0, computer_name);
+        if (status) *name_use = use;
         return status;
     }
 
diff --git a/dlls/advapi32/tests/security.c b/dlls/advapi32/tests/security.c
index 424403b..f599bb1 100644
--- a/dlls/advapi32/tests/security.c
+++ b/dlls/advapi32/tests/security.c
@@ -1505,7 +1505,7 @@ static void test_LookupAccountSid(void)
     PSID pUsersSid = NULL;
     SID_NAME_USE use;
     BOOL ret;
-    DWORD size,cbti = 0;
+    DWORD error, size, cbti = 0;
     MAX_SID  max_sid;
     CHAR *str_sidA;
     int i;
@@ -1667,6 +1667,16 @@ static void test_LookupAccountSid(void)
        "LookupAccountSidW() Expected dom_size = %u, got %u\n",
        real_dom_sizeW + 1, dom_sizeW);
 
+    acc_sizeW = dom_sizeW = use = 0;
+    SetLastError(0xdeadbeef);
+    ret = LookupAccountSidW(NULL, pUsersSid, NULL, &acc_sizeW, NULL, &dom_sizeW, &use);
+    error = GetLastError();
+    ok(!ret, "LookupAccountSidW failed %u\n", GetLastError());
+    ok(error == ERROR_INSUFFICIENT_BUFFER, "expected ERROR_INSUFFICIENT_BUFFER, got %u\n", error);
+    ok(acc_sizeW, "expected non-zero account size\n");
+    ok(dom_sizeW, "expected non-zero domain size\n");
+    ok(!use, "expected zero use %u\n", use);
+
     FreeSid(pUsersSid);
 
     /* Test LookupAccountSid with Sid retrieved from token information.