[ros-diffs] [tfaber] 55678: [ADVAPI32] - Fix buffer overflow in LookupAccountSidA See issue #6752 for more details.

Author: tfaber Date: Sat Feb 18 12:00:50 2012 New Revision: 55678 URL: http://svn.reactos.org/svn/reactos?rev=55678&view=rev Log: [ADVAPI32] - Fix buffer overflow in LookupAccountSidA See issue #6752 for more details. Modified: trunk/reactos/dll/win32/advapi32/sec/misc.c Modified: trunk/reactos/dll/win32/advapi32/sec/misc.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/dll/win32/advapi32/sec/mis… ============================================================================== --- trunk/reactos/dll/win32/advapi32/sec/misc.c [iso-8859-1] (original) +++ trunk/reactos/dll/win32/advapi32/sec/misc.c [iso-8859-1] Sat Feb 18 12:00:50 2012 @@ -1,6 +1,6 @@ /* * COPYRIGHT: See COPYING in the top level directory - * WINE COPYRIGHT: + * WINE COPYRIGHT: * Copyright 1999, 2000 Juergen Schmied <juergen.schmied(a)debitel.net> * Copyright 2003 CodeWeavers Inc. (Ulrich Czekalla) * Copyright 2006 Robert Reif @@ -808,7 +808,7 @@ /* allocate buffers for the unicode strings to receive */ if (dwName > 0) { - NameBuffer = (PWSTR)LocalAlloc(LMEM_FIXED, dwName); + NameBuffer = LocalAlloc(LMEM_FIXED, dwName * sizeof(WCHAR)); if (NameBuffer == NULL) { SetLastError(ERROR_OUTOFMEMORY); @@ -820,7 +820,7 @@ if (dwReferencedDomainName > 0) { - ReferencedDomainNameBuffer = (PWSTR)LocalAlloc(LMEM_FIXED, dwReferencedDomainName); + ReferencedDomainNameBuffer = LocalAlloc(LMEM_FIXED, dwReferencedDomainName * sizeof(WCHAR)); if (ReferencedDomainNameBuffer == NULL) { if (dwName > 0)