[PATCH] shell32: use flexible arrays to avoid fortify failures

Reece Dunn msclrhd at googlemail.com
Tue Sep 21 02:34:33 CDT 2010


On 20 September 2010 17:51, Mike Frysinger <vapier at gentoo.org> wrote:
> well, i don't think this issue is limited to shell32.  it's just the only one
> to hit it atm.  what about my other patch i posted ?
> http://www.winehq.org/pipermail/wine-patches/2010-September/093377.html
>

How does fortify work?

See http://blogs.msdn.com/b/oldnewthing/archive/2004/08/26/220873.aspx
for information on how to allocate these structures. Specifically:

    PTOKEN_GROUPS TokenGroups = malloc(FIELD_OFFSET(TOKEN_GROUPS, Groups[NumberOfGroups]));

The article explains that:

    PTOKEN_GROUPS TokenGroups = malloc(sizeof(TOKEN_GROUPS) + NumberOfGroups * sizeof(SID_AND_ATTRIBUTES));

crashes on 64-bit platforms with STATUS_DATATYPE_MISALIGNMENT due to
the data being placed on a 4-byte, not 8-byte, boundary.

Is the shell32 code running into something similar -- that is, are the
calculations for the allocated memory blocks using these ANYSIZE_ARRAY
structures wrong?

- Reece
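
Added example, not part of the original message and not Wine or Windows code: the two sizing expressions quoted above, written as portable C with overflow checks so the byte counts can be compared. The types `sid_and_attr` and `token_groups` and the `tg_*` helpers are constructed stand-ins for `SID_AND_ATTRIBUTES` and `TOKEN_GROUPS`, with `Groups[1]` playing the role of `ANYSIZE_ARRAY`.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Constructed stand-ins for SID_AND_ATTRIBUTES / TOKEN_GROUPS (not the Windows headers). */
typedef struct { void *Sid; uint32_t Attributes; } sid_and_attr;
typedef struct { uint32_t GroupCount; sid_and_attr Groups[1]; } token_groups;

/* offsetof idiom: header up to Groups plus n elements; returns 0 on overflow. */
size_t tg_size_offsetof(size_t n)
{
    size_t head = offsetof(token_groups, Groups);
    if (n > (SIZE_MAX - head) / sizeof(sid_and_attr))
        return 0;
    size_t need = head + n * sizeof(sid_and_attr);
    /* Never go below sizeof(token_groups), so the declared type always fits. */
    return need < sizeof(token_groups) ? sizeof(token_groups) : need;
}

/* sizeof idiom: counts the declared Groups[0] and then n more elements. */
size_t tg_size_sizeof(size_t n)
{
    if (n > (SIZE_MAX - sizeof(token_groups)) / sizeof(sid_and_attr))
        return 0;
    return sizeof(token_groups) + n * sizeof(sid_and_attr);
}

/* Allocate a zeroed block for n groups; NULL on overflow or allocation failure. */
token_groups *tg_alloc(size_t n)
{
    size_t bytes = (n > UINT32_MAX) ? 0 : tg_size_offsetof(n);
    token_groups *tg = bytes ? calloc(1, bytes) : NULL;
    if (tg)
        tg->GroupCount = (uint32_t)n;
    return tg;
}

int main(void)
{
    for (size_t n = 1; n <= 4; n++)
        printf("n=%zu offsetof=%zu sizeof=%zu\n", n, tg_size_offsetof(n), tg_size_sizeof(n));
    token_groups *tg = tg_alloc(4);
    if (!tg) return 1;
    tg->Groups[3].Attributes = 7; /* last element lies inside the allocated block */
    free(tg);
    return 0;
}
```

For this layout the `sizeof` form requests one element more than the `offsetof` form, because `sizeof(token_groups)` already includes `Groups[0]`.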


