"art yerkes" <ayerkes(a)speakeasy.net> wrote:
 From current CVS, running in whole-page alloc mode, I see a buffer
 overrun in lib/rtl/acl.c early in the boot process.  What I see is
 a few calls to RtlpAddKnownAce which slowly overgrow the available
 buffer.  The following patch fixes it, but I don't know if it's
 right as I'm not sure if AclSize should be adjusted.  The reason
 a patch like this is needed is that AclSize is checked against
 the size of the Sid to be copied in, but that size never changes
 so as many sids as desired could be copied in without the check
 at line 136 going off, thus overrunning available space.
 
Hi Art,
modifying AclSize is a bad idea because it is the size of the ACL, including
unused buffer size, but not the size of unused buffer. I attached a patch
that checks whether the new ACE fits into the unused buffer space of the
ACL.
Regards,
Eric
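
The check discussed in this thread, sketched as an added example. It is not the ReactOS code and not the attached patch; the DEMO_* types and demo_* functions are hypothetical, simplified stand-ins for the ACL and ACE headers.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Simplified, hypothetical layouts modelled on an ACL header and an ACE header. */
typedef struct { uint8_t Revision, Sbz1; uint16_t AclSize, AceCount, Sbz2; } DEMO_ACL;
typedef struct { uint8_t AceType, AceFlags; uint16_t AceSize; } DEMO_ACE_HEADER;

/* Walk the ACEs already stored and return the offset of the first unused
 * byte, or 0 if the ACL is malformed (an ACE runs past AclSize). */
static size_t demo_first_free(const DEMO_ACL *acl)
{
    const uint8_t *base = (const uint8_t *)acl;
    size_t off = sizeof(DEMO_ACL);
    for (uint16_t i = 0; i < acl->AceCount; i++) {
        DEMO_ACE_HEADER h;
        if (off + sizeof h > acl->AclSize) return 0;
        memcpy(&h, base + off, sizeof h);
        if (h.AceSize < sizeof h || off + h.AceSize > acl->AclSize) return 0;
        off += h.AceSize;
    }
    return off <= acl->AclSize ? off : 0;
}

/* Append an ACE whose body (e.g. access mask + SID) is `len` bytes long.
 * Returns 0 on success, -1 if the ACE does not fit or the ACL is malformed. */
int demo_add_ace(DEMO_ACL *acl, uint8_t type, const void *body, uint16_t len)
{
    size_t off = demo_first_free(acl);
    size_t need = sizeof(DEMO_ACE_HEADER) + (size_t)len;
    if (off == 0 || need > 0xFFFF) return -1;
    /* Comparing `need` with AclSize alone passes on every call, because
     * AclSize is the whole buffer and never changes. Compare with the
     * unused remainder instead, and leave AclSize untouched. */
    if (need > (size_t)acl->AclSize - off) return -1;
    DEMO_ACE_HEADER h = { type, 0, (uint16_t)need };
    memcpy((uint8_t *)acl + off, &h, sizeof h);
    memcpy((uint8_t *)acl + off + sizeof h, body, len);
    acl->AceCount++;
    return 0;
}
```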