[PATCH] ntdll: Fix the overflow check in read_changes_apc().

Zebediah Figura z.figura12 at gmail.com
Sun Mar 22 19:11:29 CDT 2020


Fixes test failures in kernel32:change.

Signed-off-by: Zebediah Figura <z.figura12 at gmail.com>
---
 dlls/ntdll/file.c | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/dlls/ntdll/file.c b/dlls/ntdll/file.c
index 5175e9d5ce..5b60c887e2 100644
--- a/dlls/ntdll/file.c
+++ b/dlls/ntdll/file.c
@@ -1768,16 +1768,17 @@ static NTSTATUS read_changes_apc( void *user, IO_STATUS_BLOCK *iosb, NTSTATUS st
 
             while (size && left >= sizeof(*pfni))
             {
+                DWORD len = (left - offsetof(FILE_NOTIFY_INFORMATION, FileName)) / sizeof(WCHAR);
+
                 /* convert to an NT style path */
                 for (i = 0; i < event->len; i++)
                     if (event->name[i] == '/') event->name[i] = '\\';
 
                 pfni->Action = event->action;
-                pfni->FileNameLength = ntdll_umbstowcs( event->name, event->len, pfni->FileName,
-                             (left - offsetof(FILE_NOTIFY_INFORMATION, FileName)) / sizeof(WCHAR));
+                pfni->FileNameLength = ntdll_umbstowcs( event->name, event->len, pfni->FileName, len );
                 last_entry_offset = &pfni->NextEntryOffset;
 
-                if (pfni->FileNameLength == -1 || pfni->FileNameLength == -2) break;
+                if (pfni->FileNameLength == len) break;
 
                 i = offsetof(FILE_NOTIFY_INFORMATION, FileName[pfni->FileNameLength]);
                 pfni->FileNameLength *= sizeof(WCHAR);
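Review bot: the replacement check `if (pfni->FileNameLength == len) break;` cannot tell a name that was truncated from a name that fits the remaining buffer exactly, since both return a count equal to `len` if ntdll_umbstowcs reports the number of WCHARs written capped at the destination size; an entry whose converted name is exactly `len` WCHARs long would then be dropped even though it fits, and nothing on the page documents that this is intended. Consider either sizing the comparison so an exact fit is accepted (for example, testing for `> len - 1` against a length computed with one WCHAR of slack) or stating in the commit message why an exact-fit name is safe to treat as overflow, and adding a comment above the `break` explaining the overflow condition, since the old `-1 || -2` test made the intent self-evident and the new one does not.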
-- 
2.25.2