[ros-diffs] [cwittich] 40398: wininet: Fixed memory corruption in urlcache. Author: Marcus Meissner <marcus at jet.franken.de> Date: Sun Apr 5 13:55:21 2009 +0200

6 Apr 2009

Author: cwittich
Date: Mon Apr  6 19:42:28 2009
New Revision: 40398
URL: http://svn.reactos.org/svn/reactos?rev=40398&view=rev
Log:
wininet: Fixed memory corruption in urlcache.
Author: Marcus Meissner <marcus at jet.franken.de>
Date:   Sun Apr  5 13:55:21 2009 +0200
Modified:
    trunk/reactos/dll/win32/wininet/urlcache.c
Modified: trunk/reactos/dll/win32/wininet/urlcache.c
URL: http://svn.reactos.org/svn/reactos/trunk/reactos/dll/win32/wininet/urlcache....
==============================================================================

--- trunk/reactos/dll/win32/wininet/urlcache.c [iso-8859-1] (original)
+++ trunk/reactos/dll/win32/wininet/urlcache.c [iso-8859-1] Mon Apr  6 19:42:28 2009
@@ -980,11 +980,13 @@
     /* FIXME: is source url optional? */
     if (*lpdwBufferSize >= dwRequiredSize)
     {
-        lpCacheEntryInfo->lpszSourceUrlName = (LPSTR)lpCacheEntryInfo + dwRequiredSize - lenUrl - 1;
-        if (bUnicode)
-            MultiByteToWideChar(CP_ACP, 0, (LPSTR)pUrlEntry + pUrlEntry->dwOffsetUrl, -1, (LPWSTR)lpCacheEntryInfo->lpszSourceUrlName, lenUrl + 1);
-        else
-            memcpy(lpCacheEntryInfo->lpszSourceUrlName, (LPSTR)pUrlEntry + pUrlEntry->dwOffsetUrl, (lenUrl + 1) * sizeof(CHAR));
+        DWORD lenUrlBytes = (lenUrl+1) * (bUnicode ? sizeof(WCHAR) : sizeof(CHAR));
+
+        lpCacheEntryInfo->lpszSourceUrlName = (LPSTR)lpCacheEntryInfo + dwRequiredSize - lenUrlBytes;
+         if (bUnicode)
+             MultiByteToWideChar(CP_ACP, 0, (LPSTR)pUrlEntry + pUrlEntry->dwOffsetUrl, -1, (LPWSTR)lpCacheEntryInfo->lpszSourceUrlName, lenUrl + 1);
+         else
+            memcpy(lpCacheEntryInfo->lpszSourceUrlName, (LPSTR)pUrlEntry + pUrlEntry->dwOffsetUrl, lenUrlBytes);
     }
if ((dwRequiredSize % 4) && (dwRequiredSize < *lpdwBufferSize))

    

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

[ros-diffs] [cwittich] 40398: wininet: Fixed memory corruption in urlcache. Author: Marcus Meissner <marcus at jet.franken.de> Date: Sun Apr 5 13:55:21 2009 +0200