Intravision/reactos
1
0
Fork 0
mirror of https://github.com/reactos/reactos.git synced 2025-08-03 21:05:43 +00:00
Code Issues Projects Releases Packages Wiki Activity

[0.4.9][ADVAPI32] Fix crash when running advapi32:security with DPH CORE-14719

Browse source 
Import the following Wine commits:
* 79636bebbfa Michael Müller: advapi32: Set last error to ERROR_SUCCESS in GetSidIdentifierAuthority.
* 1d03ba76116 Hans Leidekker: advapi32: Fix parsing empty DACL/SACL security descriptor strings.
* 5bc2e83c7ab Hans Leidekker: advapi32: Fix size returned from ConvertStringSecurityDescriptorToSecurityDescriptor on 64-bit.

It crashed randomly only without DPH, but was crashing reliably with system-wide-DPH.

The bug in advapi32.dll was unhidden by the upgraded test in 0.4.9-dev-555-g 3c1b7834e1
but the bug did also affect older versions of advapi32.dll. Was just not triggered then.
So that rev is not really "guilty". And that is also the reason why I do port it back further than
releases/0.4.9, because *when using the upgraded test* I could make it crash also on
0.4.8-release-113-g5daae85 and 0.4.7-release-128-ga203b7a with system-wide-DPH-enabled.
And the fix is effective in solving the issue also there.

The fix was picked from
0.4.10-dev-219-g 95c3e17a80
This commit is contained in:
Joachim Henze 2022-03-04 10:46:54 +01:00
parent 972df100c2
commit 642d3753b1
1 changed files with 4 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

8
dll/win32/advapi32/wine/security.c
View file

@ -759,6 +759,7 @@ PSID_IDENTIFIER_AUTHORITY
WINAPI
GetSidIdentifierAuthority(PSID pSid)
{
SetLastError(ERROR_SUCCESS);
return RtlIdentifierAuthoritySid(pSid);
}
@ -2227,7 +2228,7 @@ static DWORD ParseAclStringFlags(LPCWSTR* StringAcl)
DWORD flags = 0;
LPCWSTR szAcl = *StringAcl;
while (*szAcl != '(')
while (*szAcl && *szAcl != '(')
{
if (*szAcl == 'P')
{
@ -2538,7 +2539,7 @@ static BOOL ParseStringAclToAcl(LPCWSTR StringAcl, LPDWORD lpdwFlags,
pAcl->AclRevision = ACL_REVISION;
pAcl->Sbz1 = 0;
pAcl->AclSize = length;
pAcl->AceCount = acecount++;
pAcl->AceCount = acecount;
pAcl->Sbz2 = 0;
}
return TRUE;
@ -2549,7 +2550,6 @@ lerr:
return FALSE;
}
/******************************************************************************
* ParseStringSecurityDescriptorToSecurityDescriptor
*/
@ -2565,7 +2565,7 @@ static BOOL ParseStringSecurityDescriptorToSecurityDescriptor(
LPBYTE lpNext = NULL;
DWORD len;
*cBytes = sizeof(SECURITY_DESCRIPTOR);
*cBytes = sizeof(SECURITY_DESCRIPTOR_RELATIVE);
tok = heap_alloc( (lstrlenW(StringSecurityDescriptor) + 1) * sizeof(WCHAR));