Hans Leidekker : kerberos: Allocate a buffer for the package info structure in kerberos_SpQueryContextAttributes.
Alexandre Julliard
julliard at winehq.org
Thu Feb 8 15:33:08 CST 2018
Module: wine
Branch: master
Commit: c6e607ff1f9219b9c3209e3490f6c954e40f9277
URL: https://source.winehq.org/git/wine.git/?a=commit;h=c6e607ff1f9219b9c3209e3490f6c954e40f9277
Author: Hans Leidekker <hans at codeweavers.com>
Date: Thu Feb 8 11:53:59 2018 +0100
kerberos: Allocate a buffer for the package info structure in kerberos_SpQueryContextAttributes.
Signed-off-by: Hans Leidekker <hans at codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard at winehq.org>
---
dlls/kerberos/krb5_ap.c | 21 ++++++++++++++++++++-
1 file changed, 20 insertions(+), 1 deletion(-)
diff --git a/dlls/kerberos/krb5_ap.c b/dlls/kerberos/krb5_ap.c
index e4011ff..767a86e 100644
--- a/dlls/kerberos/krb5_ap.c
+++ b/dlls/kerberos/krb5_ap.c
@@ -46,6 +46,7 @@
#include "wine/heap.h"
#include "wine/library.h"
#include "wine/debug.h"
+#include "wine/unicode.h"
WINE_DEFAULT_DEBUG_CHANNEL(kerberos);
@@ -1059,6 +1060,24 @@ static NTSTATUS NTAPI kerberos_SpDeleteContext( LSA_SEC_HANDLE context )
#endif
}
+static SecPkgInfoW *build_package_info( const SecPkgInfoW *info )
+{
+ SecPkgInfoW *ret;
+ DWORD size_name = (strlenW(info->Name) + 1) * sizeof(WCHAR);
+ DWORD size_comment = (strlenW(info->Comment) + 1) * sizeof(WCHAR);
+
+ if (!(ret = heap_alloc( sizeof(*ret) + size_name + size_comment ))) return NULL;
+ ret->fCapabilities = info->fCapabilities;
+ ret->wVersion = info->wVersion;
+ ret->wRPCID = info->wRPCID;
+ ret->cbMaxToken = info->cbMaxToken;
+ ret->Name = (SEC_WCHAR *)(ret + 1);
+ memcpy( ret->Name, info->Name, size_name );
+ ret->Comment = (SEC_WCHAR *)((char *)ret->Name + size_name);
+ memcpy( ret->Comment, info->Comment, size_comment );
+ return ret;
+}
+
static NTSTATUS NTAPI kerberos_SpQueryContextAttributes( LSA_SEC_HANDLE context, ULONG attribute, void *buffer )
{
TRACE( "(%lx %u %p)\n", context, attribute, buffer );
@@ -1103,7 +1122,7 @@ static NTSTATUS NTAPI kerberos_SpQueryContextAttributes( LSA_SEC_HANDLE context,
case SECPKG_ATTR_NEGOTIATION_INFO:
{
SecPkgContext_NegotiationInfoW *info = (SecPkgContext_NegotiationInfoW *)buffer;
- info->PackageInfo = (SecPkgInfoW *)&infoW;
+ if (!(info->PackageInfo = build_package_info( &infoW ))) return SEC_E_INSUFFICIENT_MEMORY;
info->NegotiationState = SECPKG_NEGOTIATION_COMPLETE;
return SEC_E_OK;
}
More information about the wine-cvs
mailing list