[PATCH] crypt32: Fix key name null termination (Coverity)
Nikolay Sivov
nsivov at codeweavers.com
Mon Nov 23 06:29:06 CST 2015
Signed-off-by: Nikolay Sivov <nsivov at codeweavers.com>
---
dlls/crypt32/str.c | 14 ++++++--------
1 file changed, 6 insertions(+), 8 deletions(-)
diff --git a/dlls/crypt32/str.c b/dlls/crypt32/str.c
index 7b52731..0a41e75 100644
--- a/dlls/crypt32/str.c
+++ b/dlls/crypt32/str.c
@@ -769,7 +769,7 @@ struct KeynameKeeper
{
WCHAR buf[10]; /* big enough for L"GivenName" */
LPWSTR keyName; /* usually = buf, but may be allocated */
- DWORD keyLen;
+ DWORD keyLen; /* full available buffer size in WCHARs */
};
static void CRYPT_InitializeKeynameKeeper(struct KeynameKeeper *keeper)
@@ -795,17 +795,15 @@ static void CRYPT_KeynameKeeperFromTokenW(struct KeynameKeeper *keeper,
{
DWORD len = key->end - key->start;
- if (len > keeper->keyLen)
+ if (len >= keeper->keyLen)
{
+ keeper->keyLen = len + 1;
if (keeper->keyName == keeper->buf)
- keeper->keyName = CryptMemAlloc(len * sizeof(WCHAR));
+ keeper->keyName = CryptMemAlloc(keeper->keyLen * sizeof(WCHAR));
else
- keeper->keyName = CryptMemRealloc(keeper->keyName,
- len * sizeof(WCHAR));
- keeper->keyLen = len;
+ keeper->keyName = CryptMemRealloc(keeper->keyName, keeper->keyLen * sizeof(WCHAR));
}
- memcpy(keeper->keyName, key->start, (key->end - key->start) *
- sizeof(WCHAR));
+ memcpy(keeper->keyName, key->start, len * sizeof(WCHAR));
keeper->keyName[len] = '\0';
TRACE("Keyname is %s\n", debugstr_w(keeper->keyName));
}
--
2.6.2
More information about the wine-patches
mailing list