[PATCH 3/4] ntdll: Implement NtCreateToken.
Alexandre Julliard
julliard at winehq.org
Wed May 2 09:10:34 CDT 2018
Hans Leidekker <hans at codeweavers.com> writes:
> + privs = get_req_data_after_objattr( objattr, &data_size );
> + privs_size = req->privilege_count * sizeof(*privs);
> + if (req->default_dacl_size) acl = (const ACL *)((char *)privs + privs_size);
> +
> + groups = (const struct token_groups *)((char *)privs + privs_size + req->default_dacl_size);
> + attr = (unsigned int *)(groups + 1);
> + sid = (const SID *)(attr + groups->count); /* first entry is user */
> + if (!acl) acl = default_dacl = create_default_dacl( sid );
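Review bot: data_size, as returned by get_req_data_after_objattr(), is not compared against anything in these lines, yet every pointer derived here depends on client-supplied values: privs_size comes from req->privilege_count, the groups pointer adds req->default_dacl_size on top of that, and sid is placed at attr + groups->count, where groups->count is itself read out of the request buffer. Before the first dereference, check that privs_size + req->default_dacl_size + sizeof(*groups) fits within data_size (guarding the multiplication and the additions against wrap-around), and that the resulting offset keeps groups suitably aligned for struct token_groups. Once groups->count can be read safely, check that groups->count * sizeof(*attr) plus at least a minimal SID header fits in the bytes that remain, and that the SID's own length stays inside the buffer before it is handed to create_default_dacl( sid ). Fail the request with an error when any of these checks does not hold. Separately, the result of create_default_dacl( sid ) is assigned to acl without a NULL check in the lines shown.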
You need to validate all the sizes and alignments before accessing any
data received from the client.
--
Alexandre Julliard
julliard at winehq.org