Intravision/reactos
1
0
Fork 0
mirror of https://github.com/reactos/reactos.git synced 2025-02-23 17:05:46 +00:00
Code Issues Projects Releases Packages Wiki Activity

[ADVAPI32] prevent buffer overflow in ParseStringSecurityDescriptorToSecurityDescriptor (wine-patch by Alistair Leslie-Hughes)

Browse source 
svn path=/trunk/; revision=68799
This commit is contained in:
Christoph von Wittich 2015-08-23 07:07:25 +00:00
parent 3f801dad23
commit 4f9474e3ec
1 changed files with 4 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
reactos/dll/win32/advapi32/wine/security.c
View file

@ -2544,13 +2544,15 @@ static BOOL ParseStringSecurityDescriptorToSecurityDescriptor(
{
BOOL bret = FALSE;
WCHAR toktype;
WCHAR tok[MAX_PATH];
WCHAR *tok;
LPCWSTR lptoken;
LPBYTE lpNext = NULL;
DWORD len;
*cBytes = sizeof(SECURITY_DESCRIPTOR);
tok = heap_alloc( (lstrlenW(StringSecurityDescriptor) + 1) * sizeof(WCHAR));
if (SecurityDescriptor)
lpNext = (LPBYTE)(SecurityDescriptor + 1);
@ -2672,6 +2674,7 @@ static BOOL ParseStringSecurityDescriptorToSecurityDescriptor(
bret = TRUE;
lend:
heap_free(tok);
return bret;
}