Alistair Leslie-Hughes : advapi32: Prevent buffer overrun.

Alexandre Julliard julliard at wine.codeweavers.com
Wed Aug 19 09:56:02 CDT 2015


Module: wine
Branch: master
Commit: 3b5107d06305972beaa9c5ff147ecbcd99949a75
URL:    http://source.winehq.org/git/wine.git/?a=commit;h=3b5107d06305972beaa9c5ff147ecbcd99949a75

Author: Alistair Leslie-Hughes <leslie_alistair at hotmail.com>
Date:   Wed Aug 19 12:18:11 2015 +1000

advapi32: Prevent buffer overrun.

---

 dlls/advapi32/security.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/dlls/advapi32/security.c b/dlls/advapi32/security.c
index d1e2bb4..a40e639 100644
--- a/dlls/advapi32/security.c
+++ b/dlls/advapi32/security.c
@@ -4512,13 +4512,15 @@ static BOOL ParseStringSecurityDescriptorToSecurityDescriptor(
 {
     BOOL bret = FALSE;
     WCHAR toktype;
-    WCHAR tok[MAX_PATH];
+    WCHAR *tok;
     LPCWSTR lptoken;
     LPBYTE lpNext = NULL;
     DWORD len;
 
     *cBytes = sizeof(SECURITY_DESCRIPTOR);
 
+    tok = heap_alloc( (lstrlenW(StringSecurityDescriptor) + 1) * sizeof(WCHAR));
+
     if (SecurityDescriptor)
         lpNext = (LPBYTE)(SecurityDescriptor + 1);
 
@@ -4640,6 +4642,7 @@ static BOOL ParseStringSecurityDescriptorToSecurityDescriptor(
     bret = TRUE;
 
 lend:
+    heap_free(tok);
     return bret;
 }
 




More information about the wine-cvs mailing list