Author: rharabien Date: Wed Apr 20 21:31:41 2011 New Revision: 51412
URL: http://svn.reactos.org/svn/reactos?rev=51412&view=rev Log: [KERNEL32] * Properly check if buffer given to GetComputerName is too small. Fixes hostname.exe if computer name is MAX_COMPUTERNAME_LENGTH long (the default for bootcd since it's generated randomly in Setup). * Simplify it a bit
Modified: trunk/reactos/dll/win32/kernel32/misc/computername.c
Modified: trunk/reactos/dll/win32/kernel32/misc/computername.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/dll/win32/kernel32/misc/com... ============================================================================== --- trunk/reactos/dll/win32/kernel32/misc/computername.c [iso-8859-1] (original) +++ trunk/reactos/dll/win32/kernel32/misc/computername.c [iso-8859-1] Wed Apr 20 21:31:41 2011 @@ -39,7 +39,7 @@ GetComputerNameFromRegistry(LPWSTR RegistryKey, LPWSTR ValueNameStr, LPWSTR lpBuffer, - LPDWORD nSize ) + LPDWORD nSize) { PKEY_VALUE_PARTIAL_INFORMATION KeyInfo; OBJECT_ATTRIBUTES ObjectAttributes; @@ -50,7 +50,7 @@ ULONG ReturnSize; NTSTATUS Status;
- RtlInitUnicodeString(&KeyName,RegistryKey); + RtlInitUnicodeString(&KeyName, RegistryKey); InitializeObjectAttributes(&ObjectAttributes, &KeyName, OBJ_CASE_INSENSITIVE, @@ -75,7 +75,7 @@ return FALSE; }
- RtlInitUnicodeString(&ValueName,ValueNameStr); + RtlInitUnicodeString(&ValueName, ValueNameStr);
Status = ZwQueryValueKey(KeyHandle, &ValueName, @@ -83,35 +83,40 @@ KeyInfo, KeyInfoSize, &ReturnSize); + + ZwClose(KeyHandle); + if (!NT_SUCCESS(Status)) { - RtlFreeHeap(RtlGetProcessHeap(), 0, KeyInfo); - ZwClose(KeyHandle); *nSize = ReturnSize; - SetLastErrorByStatus(Status); - return FALSE; - } - - if (lpBuffer && *nSize > (KeyInfo->DataLength / sizeof(WCHAR))) - { - *nSize = KeyInfo->DataLength / sizeof(WCHAR) - 1; - lpBuffer[*nSize] = 0; - } - else - { - RtlFreeHeap(RtlGetProcessHeap(), 0, KeyInfo); - ZwClose(KeyHandle); + goto failed; + } + + if (KeyInfo->Type != REG_SZ) + { + Status = STATUS_UNSUCCESSFUL; + goto failed; + } + + if (!lpBuffer || *nSize < (KeyInfo->DataLength / sizeof(WCHAR))) + { *nSize = ReturnSize; - SetLastErrorByStatus(STATUS_BUFFER_OVERFLOW); - return FALSE; - } - - RtlCopyMemory(lpBuffer, KeyInfo->Data, *nSize * sizeof(WCHAR)); + Status = STATUS_BUFFER_OVERFLOW; + goto failed; + } + + *nSize = KeyInfo->DataLength / sizeof(WCHAR) - 1; + RtlCopyMemory(lpBuffer, KeyInfo->Data, KeyInfo->DataLength); + lpBuffer[*nSize] = 0;
RtlFreeHeap(RtlGetProcessHeap(), 0, KeyInfo); - ZwClose(KeyHandle);
return TRUE; + +failed: + RtlFreeHeap(RtlGetProcessHeap(), 0, KeyInfo); + SetLastErrorByStatus(Status); + return FALSE; }
/*