netapi32: Fix to prevent access beyond nul terminator
Andrew Talbot
andrew.talbot at talbotville.com
Mon Aug 22 15:47:07 CDT 2011
Changelog:
netapi32: Fix to prevent access beyond nul terminator.
The existing code will continue to process garbage after the nul terminator
unless it happens to encounter two nuls in a row.
diff --git a/dlls/netapi32/nbt.c b/dlls/netapi32/nbt.c
index 1115967..404fbd9 100644
--- a/dlls/netapi32/nbt.c
+++ b/dlls/netapi32/nbt.c
@@ -1497,13 +1497,17 @@ void NetBTInit(void)
NetBTNameEncode */
char *ptr, *lenPtr;
- for (ptr = gScopeID + 1; ptr - gScopeID < sizeof(gScopeID) && *ptr; )
+ for (ptr = gScopeID + 1, lenPtr = gScopeID; ptr - gScopeID < sizeof(gScopeID) && *ptr; ++ptr)
{
- for (lenPtr = ptr - 1, *lenPtr = 0;
- ptr - gScopeID < sizeof(gScopeID) && *ptr && *ptr != '.';
- ptr++)
- *lenPtr += 1;
- ptr++;
+ if (*ptr == '.')
+ {
+ lenPtr = ptr;
+ *lenPtr = 0;
+ }
+ else
+ {
+ ++*lenPtr;
+ }
}
}
if (RegQueryValueExW(hKey, CacheTimeoutW, NULL, NULL,
More information about the wine-patches
mailing list