mirror of
https://github.com/reactos/reactos.git
synced 2024-10-06 01:13:38 +00:00
Dmitry G. Gorbachev (hto at mail cnt dot ru):
NtOpenKey() calls ObpCaptureObjectAttributes() which can return null ObjectName. Then null pointer used in if (ObjectName.Buffer[(ObjectName.Length / sizeof(WCHAR)) - 1] == '\\') which leads to a crash. svn path=/trunk/; revision=25332
This commit is contained in:
parent
01ff2d0170
commit
a227f30dac
|
@ -1367,7 +1367,8 @@ NtOpenKey(OUT PHANDLE KeyHandle,
|
||||||
return Status;
|
return Status;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (ObjectName.Buffer[(ObjectName.Length / sizeof(WCHAR)) - 1] == '\\')
|
if (ObjectName.Buffer &&
|
||||||
|
ObjectName.Buffer[(ObjectName.Length / sizeof(WCHAR)) - 1] == '\\')
|
||||||
{
|
{
|
||||||
ObjectName.Buffer[(ObjectName.Length / sizeof(WCHAR)) - 1] = UNICODE_NULL;
|
ObjectName.Buffer[(ObjectName.Length / sizeof(WCHAR)) - 1] = UNICODE_NULL;
|
||||||
ObjectName.Length -= sizeof(WCHAR);
|
ObjectName.Length -= sizeof(WCHAR);
|
||||||
|
|
Loading…
Reference in a new issue