fix a too small buffer in CredUnmarshalCredentialW

Stefan Leichter Stefan.Leichter at camline.com
Wed Nov 14 09:07:19 CST 2012


Wednesday 14 November 2012 Hans Leidekker <hans at codeweavers.com>
> On Wed, 2012-11-14 at 09:48 +0100, Stefan Leichter wrote:
> > +        char buffer[6];
> > +        unsigned int buflen, *size = (unsigned int*) buffer;
> > 
> > -        if (len < 9 || !cred_decode( cred + 3, 6, (char *)&size ) ||
> > !size || size % sizeof(WCHAR)) +        if (len < 9 || !cred_decode(
> > cred + 3, 6, buffer ) || !*size || *size % sizeof(WCHAR))
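
Review bot: In the added declarations, `*size = (unsigned int*) buffer` reads the decoded length through an `unsigned int *` that aliases `char buffer[6]`. A `char` array carries no alignment guarantee for `unsigned int` access, which matters on the ARM target discussed in this thread, and `*size` covers only `sizeof(unsigned int)` of the six bytes, so the value tested by `!*size || *size % sizeof(WCHAR)` depends on byte order. `buffer` is also uninitialised, so any byte `cred_decode` does not write is indeterminate when it is read. Decode into a zero-initialised integer object wide enough for the full result and pass its address to `cred_decode`, rather than casting a byte array.
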
> 
> You're still truncating the decoded size. You should instead make 'size' a
> ULONGLONG and initialize it to 0.
> 
> Is this little-endian ARM?

OK, I will send another patch.

Platform is ARM, unsure about the endianness but I think it is little-endian.


