From 52719b52aec8760bb652aa39d0f40ae9198a3292 Mon Sep 17 00:00:00 2001
From: Timo Kreuzer <timo.kreuzer@reactos.org>
Date: Sun, 6 Apr 2025 18:06:16 +0300
Subject: [PATCH] [VCRUNTIME] Fix a bug in x64 __security_init_cookie

---
 sdk/lib/vcruntime/__security_init_cookie.c | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)

diff --git a/sdk/lib/vcruntime/__security_init_cookie.c b/sdk/lib/vcruntime/__security_init_cookie.c
index 54edfa745cb..ec10e2fc620 100644
--- a/sdk/lib/vcruntime/__security_init_cookie.c
+++ b/sdk/lib/vcruntime/__security_init_cookie.c
@@ -70,16 +70,17 @@ void __security_init_cookie(void)
     randomValue += GetCurrentProcessId();
     randomValue = _rotlptr(randomValue, GetCurrentProcessId() >> 2);
 
-    if (randomValue == DEFAULT_SECURITY_COOKIE)
-    {
-        randomValue++;
-    }
-
 #ifdef _WIN64
     /* Zero out highest 16 bits */
     randomValue &= 0x0000FFFFFFFFFFFFull;
 #endif
 
+    /* Avoid the default security cookie */
+    if (randomValue == DEFAULT_SECURITY_COOKIE)
+    {
+        randomValue++;
+    }
+
     __security_cookie = randomValue;
     __security_cookie_complement = ~randomValue;
 }