From a9e04af2a5bf27057da6111eda6d6987faddbf3e Mon Sep 17 00:00:00 2001 From: Cameron Gutman Date: Wed, 29 Aug 2012 14:23:40 +0000 Subject: [PATCH] [WS2_32] - Fix a memory overwrite bug in some crappy WINE code that leads to nasty memory corruption of the service cache entry. This corrupts the first field of the cache, causing it to always reallocate memory because it thinks the size is 0. This would be even worse if the code didn't overwrite the other 12 bytes of corruption with proper data on the next lines. This also caused the aliases value to be garbage because it pointed at uninitialized data. svn path=/trunk/; revision=57199 --- reactos/dll/win32/ws2_32/misc/ns.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/reactos/dll/win32/ws2_32/misc/ns.c b/reactos/dll/win32/ws2_32/misc/ns.c index 4dc5aba5059..3fbcc871c4c 100644 --- a/reactos/dll/win32/ws2_32/misc/ns.c +++ b/reactos/dll/win32/ws2_32/misc/ns.c @@ -1275,7 +1275,7 @@ getservbyname(IN CONST CHAR FAR* name, WS_DbgPrint(MAX_TRACE,("Aliase %d: %s\n", i, Aliases[i])); } - memcpy(p->Getservbyname, + memcpy(p->Getservbyname->Aliases, Aliases, sizeof(Aliases)); @@ -1457,7 +1457,7 @@ getservbyport(IN INT port, WS_DbgPrint(MAX_TRACE,("Aliases %d: %s\n", i, Aliases[i])); } - memcpy(p->Getservbyport,Aliases,sizeof(Aliases)); + memcpy(p->Getservbyport->Aliases,Aliases,sizeof(Aliases)); /* Create the struct proper */ p->Getservbyport->ServerEntry.s_name = ServiceName;