rpcrt4: Fix buffer size calculation for arrays with embedded pointers

Eric Kohl eric.kohl at t-online.de
Thu Sep 18 07:29:07 CDT 2014


When I ran the wine advapi32-lsa tests on ReactOS, I found a bug in the
array marshalling code. The test_LsaLookupNames2 function calls
LsaLookupNames2 and passes various account names to this function. In
the last test, an array of 3 account names is passed. The lengths of
these unicode strings are 26, 24, and 50 bytes. On ReactOS, where
LsaLookupNames2 is a RPC client function, the server function receives
an array of unicode strings with lengths of 26 bytes each. The last
string is truncated and the server function cannot determine SID and Use
values for this account. The test fails.

After enabling the rpc and ole debug channels, I found out that the
client marshalling code in rpcrt4 calculates a size of 26 bytes for each
of these strings. It seemed like the 'get size' code did not traverse
the array and calculate the proper size of each string but used the
size of the first element of the array over and over again.

I finally found the bug in the function EmbeddedPointerBufferSize where
the pointer to the current array element was not incremented while the
surrounding for loop traversed the array. The pointer was always
pointing at the first element of the array. I also found the same bug in
the function EmbeddedPointerMarshall.

After fixing these bugs, ReactOS runs the test_LsaLookupNames2 function
without errors. The three account names are passed to the server side
with correct lengths of 26, 24 and 50 bytes and the server function
returns the proper SID and use values.


-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: 0001-rpcrt4-Fix-buffer-size-calculation-for-arrays-with-e.patch
URL: <http://www.winehq.org/pipermail/wine-patches/attachments/20140918/7015606a/attachment.ksh>
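The following is an added illustration of the defect described in the message, not Eric Kohl's patch and not Wine's rpcrt4 source. It models an LSA_UNICODE_STRING as a byte length plus an embedded buffer pointer, sizes an array of three constructed account names, and runs the sizing loop twice: once with the element pointer left on the first element (the reported bug) and once with the pointer advanced per iteration (the fix). The 12-byte per-pointer header, the helper names and the sample account names are assumptions chosen so that the byte lengths 26, 24 and 50 from the message are reproduced.

```c
#include <assert.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed model of LSA_UNICODE_STRING: Length is in bytes and Buffer is
 * an embedded pointer to UTF-16 data. uint16_t is used instead of wchar_t so
 * the code unit size is 2 bytes on every platform. */
typedef struct {
    uint16_t Length;        /* byte count, not character count */
    const uint16_t *Buffer; /* embedded pointer the sizer must follow */
} UnicodeString;

#define MAX_CHARS 32
#define SAMPLE_COUNT 3

/* Widen an ASCII literal into a UTF-16 buffer (constructed test input only). */
static UnicodeString make_ustring(const char *ascii, uint16_t *out, size_t cap)
{
    size_t n = strlen(ascii);
    assert(n <= cap);
    for (size_t i = 0; i < n; i++)
        out[i] = (uint16_t)(unsigned char)ascii[i];
    UnicodeString s = { (uint16_t)(n * 2), out };
    return s;
}

/* Hypothetical wire cost of one embedded pointer: a 12-byte conformant/varying
 * header (max count, offset, actual count) followed by the string data. */
static size_t embedded_pointer_size(const UnicodeString *s)
{
    return 12 + s->Length;
}

/* Size the embedded pointers of `count` array elements.
 * advance_element == 0 reproduces the reported bug: the loop counter runs but
 * the element pointer stays on arr[0], so every element is sized like the first.
 * advance_element == 1 is the corrected traversal.
 * sized_lengths[i] records the Length the sizer actually looked at. */
size_t array_embedded_pointer_size(const UnicodeString *arr, unsigned count,
                                   int advance_element, uint16_t *sized_lengths)
{
    const UnicodeString *elem = arr;
    size_t total = 0;
    for (unsigned i = 0; i < count; i++) {
        sized_lengths[i] = elem->Length;
        total += embedded_pointer_size(elem);
        if (advance_element)
            elem++;   /* the missing increment in the buggy version */
    }
    return total;
}

/* Build the three constructed account names (13, 12 and 25 characters, i.e.
 * 26, 24 and 50 bytes) and size them. Returns the total buffer size. */
size_t run_sample_total_and_lengths(int advance_element, uint16_t *sized_lengths)
{
    static uint16_t buf[SAMPLE_COUNT][MAX_CHARS];
    UnicodeString names[SAMPLE_COUNT];
    names[0] = make_ustring("Administrator", buf[0], MAX_CHARS);             /* 26 bytes */
    names[1] = make_ustring("LocalService", buf[1], MAX_CHARS);              /* 24 bytes */
    names[2] = make_ustring("NT AUTHORITY\\SYSTEM-ACCT1", buf[2], MAX_CHARS); /* 50 bytes */
    return array_embedded_pointer_size(names, SAMPLE_COUNT, advance_element, sized_lengths);
}

/* Convenience accessors so results can be checked without scratch arrays. */
size_t run_sample_total(int advance_element)
{
    uint16_t lens[SAMPLE_COUNT];
    return run_sample_total_and_lengths(advance_element, lens);
}

uint16_t run_sample_length(int advance_element, unsigned idx)
{
    uint16_t lens[SAMPLE_COUNT];
    run_sample_total_and_lengths(advance_element, lens);
    return idx < SAMPLE_COUNT ? lens[idx] : 0;
}

int main(void)
{
    for (int fixed = 0; fixed <= 1; fixed++) {
        uint16_t lens[SAMPLE_COUNT];
        size_t total = run_sample_total_and_lengths(fixed, lens);
        printf("%s: element lengths %u, %u, %u bytes; buffer size %zu\n",
               fixed ? "fixed" : "buggy", lens[0], lens[1], lens[2], total);
    }
    return 0;
}
```

With the pointer left unadvanced the sizer reports 26, 26, 26 bytes, exactly the symptom the message describes, and the buffer it reserves is too small for the third string; with the increment in place it reports 26, 24, 50 bytes. A sizing pass that returns the same per-element figure for elements of visibly different lengths is a quick regression check for this class of bug in any marshaller that walks arrays by a separate element cursor.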

