Intravision/reactos
1
0
Fork 0
mirror of https://github.com/reactos/reactos.git synced 2024-07-11 07:05:12 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix a buffer overflow accessing the pKeepAce array in AccRewriteSetEntriesInAcl

Browse source 
svn path=/trunk/; revision=31157
This commit is contained in:
Thomas Bluemel 2007-12-11 17:52:30 +00:00
parent f4985fcee6
commit 1e9c10e4a5
1 changed files with 3 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
reactos/dll/win32/ntmarta/ntmarta.c
View file

@ -1020,7 +1020,7 @@ AccRewriteSetEntriesInAcl(ULONG cCountOfExplicitEntries,
PACL pNew; PACL pNew;
ACL_SIZE_INFORMATION SizeInformation; ACL_SIZE_INFORMATION SizeInformation;
PACE_HEADER pAce; PACE_HEADER pAce;
BOOL *pKeepAce = NULL; BOOLEAN *pKeepAce = NULL;
BOOL needToClean; BOOL needToClean;
PSID pSid1, pSid2; PSID pSid1, pSid2;
ULONG i; ULONG i;
@ -1042,14 +1042,14 @@ AccRewriteSetEntriesInAcl(ULONG cCountOfExplicitEntries,
goto Cleanup; goto Cleanup;
} }
pKeepAce = (BOOL *)LocalAlloc(LMEM_FIXED, SizeInformation.AceCount); pKeepAce = (BOOLEAN *)LocalAlloc(LMEM_FIXED, SizeInformation.AceCount * sizeof(*pKeepAce));
if (!pKeepAce) if (!pKeepAce)
{ {
Ret = ERROR_NOT_ENOUGH_MEMORY; Ret = ERROR_NOT_ENOUGH_MEMORY;
goto Cleanup; goto Cleanup;
} }
memset(pKeepAce, TRUE, SizeInformation.AceCount); memset(pKeepAce, TRUE, SizeInformation.AceCount * sizeof(*pKeepAce));
} }
else else
{ {