[KERNEL32] Use RtlStringCbCopyNW() to correctly fill the WIN32_FIND_DATA.cFileName and cAlternateFileName members without any overflow and with a terminating NULL character.

dll/win32/kernel32/client/file/disk.c

@@ -19,7 +19,6 @@
  */
 
 #include <k32.h>
-#include <strsafe.h>
 
 #define NDEBUG
 #include <debug.h>

dll/win32/kernel32/client/file/find.c

@@ -5,12 +5,14 @@
  * PURPOSE:         Find functions
  * PROGRAMMERS:     Ariadne (ariadne@xs4all.nl)
  *                  Pierre Schweitzer (pierre.schweitzer@reactos.org)
- *                  Hermes BELUSCA - MAITO (hermes.belusca@sfr.fr)
+ *                  Hermes Belusca-Maito
  */
 
 /* INCLUDES *******************************************************************/
 
 #include <k32.h>
+#include <ntstrsafe.h>
+
 #define NDEBUG
 #include <debug.h>
 DEBUG_CHANNEL(kernel32file);
@@ -71,7 +73,7 @@ typedef struct _FIND_FILE_DATA
 
     /*
      * For handling STATUS_BUFFER_OVERFLOW errors emitted by
-     * NtQueryDirectoryFile in the FildNextFile function.
+     * NtQueryDirectoryFile in the FindNextFile function.
      */
     BOOLEAN HasMoreData;
 
@@ -128,9 +130,9 @@ CopyDeviceFindData(OUT LPWIN32_FIND_DATAW lpFindFileData,
         /* Return the data */
         RtlZeroMemory(lpFindFileData, sizeof(*lpFindFileData));
         lpFindFileData->dwFileAttributes = FILE_ATTRIBUTE_ARCHIVE;
-        RtlCopyMemory(lpFindFileData->cFileName,
+        RtlStringCbCopyNW(lpFindFileData->cFileName,
-                      DeviceName,
+                          sizeof(lpFindFileData->cFileName),
-                      Length);
+                          DeviceName, Length);
     }
     _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
     {
@@ -175,22 +177,22 @@ do { \
 
         if (fInfoLevelId == FindExInfoStandard)
         {
-            RtlCopyMemory(lpFindFileData->cFileName,
+            RtlStringCbCopyNW(lpFindFileData->cFileName,
-                          DirInfo.BothDirInfo->FileName,
+                              sizeof(lpFindFileData->cFileName),
-                          DirInfo.BothDirInfo->FileNameLength);
+                              DirInfo.BothDirInfo->FileName,
-            lpFindFileData->cFileName[DirInfo.BothDirInfo->FileNameLength / sizeof(WCHAR)] = UNICODE_NULL;
+                              DirInfo.BothDirInfo->FileNameLength);
 
-            RtlCopyMemory(lpFindFileData->cAlternateFileName,
+            RtlStringCbCopyNW(lpFindFileData->cAlternateFileName,
-                          DirInfo.BothDirInfo->ShortName,
+                              sizeof(lpFindFileData->cAlternateFileName),
-                          DirInfo.BothDirInfo->ShortNameLength);
+                              DirInfo.BothDirInfo->ShortName,
-            lpFindFileData->cAlternateFileName[DirInfo.BothDirInfo->ShortNameLength / sizeof(WCHAR)] = UNICODE_NULL;
+                              DirInfo.BothDirInfo->ShortNameLength);
         }
         else if (fInfoLevelId == FindExInfoBasic)
         {
-            RtlCopyMemory(lpFindFileData->cFileName,
+            RtlStringCbCopyNW(lpFindFileData->cFileName,
-                          DirInfo.FullDirInfo->FileName,
+                              sizeof(lpFindFileData->cFileName),
-                          DirInfo.FullDirInfo->FileNameLength);
+                              DirInfo.FullDirInfo->FileName,
-            lpFindFileData->cFileName[DirInfo.FullDirInfo->FileNameLength / sizeof(WCHAR)] = UNICODE_NULL;
+                              DirInfo.FullDirInfo->FileNameLength);
 
             lpFindFileData->cAlternateFileName[0] = UNICODE_NULL;
         }
@@ -554,6 +556,7 @@ FindClose(HANDLE hFindFile)
         _SEH2_YIELD(return FALSE);
     }
     _SEH2_END;
+
     return TRUE;
 }