[ros-diffs] [fireball] 44117: [advapi32] Alexander Yastrebov <menone7@gmail.com> - Return proper lengths of required buffer sizes in characters (including the termination NULL character) in LookupAccountSid. Fixes 4 "advapi32_winetest security" failures. See issue #4904 for more details.

12 Nov 2009

Author: fireball
Date: Thu Nov 12 14:55:51 2009
New Revision: 44117

URL: http://svn.reactos.org/svn/reactos?rev=44117&view=rev
Log:
[advapi32]
Alexander Yastrebov &lt;menone7(a)gmail.com&gt;
- Return proper lengths of required buffer sizes in characters (including the termination
NULL character) in LookupAccountSid. Fixes 4 "advapi32_winetest security"
failures.
See issue #4904 for more details.

Modified:
    trunk/reactos/dll/win32/advapi32/sec/misc.c

Modified: trunk/reactos/dll/win32/advapi32/sec/misc.c
URL:
http://svn.reactos.org/svn/reactos/trunk/reactos/dll/win32/advapi32/sec/mis…
==============================================================================

--- trunk/reactos/dll/win32/advapi32/sec/misc.c [iso-8859-1] (original)
+++ trunk/reactos/dll/win32/advapi32/sec/misc.c [iso-8859-1] Thu Nov 12 14:55:51 2009
@@ -1146,6 +1146,7 @@
 	PLSA_REFERENCED_DOMAIN_LIST ReferencedDomain = NULL;
 	PLSA_TRANSLATED_NAME TranslatedName = NULL;
 	BOOL ret;
+	DWORD dwAccountName, dwDomainName;
 
 	RtlInitUnicodeString ( &SystemName, pSystemName );
 	Status = LsaOpenPolicy ( &SystemName, &ObjectAttributes, POLICY_LOOKUP_NAMES,
&PolicyHandle );
@@ -1166,49 +1167,37 @@
 	else
 	{
 		ret = TRUE;
-		if ( TranslatedName )
+		
+		dwAccountName = TranslatedName->Name.Length / sizeof(WCHAR);
+		if (ReferencedDomain && ReferencedDomain->Entries > 0)
+			dwDomainName = ReferencedDomain->Domains[0].Name.Length / sizeof(WCHAR);
+		else
+			dwDomainName = 0;
+		
+		if (*pdwAccountName <= dwAccountName || *pdwDomainName <= dwDomainName)
 		{
-			DWORD dwSrcLen = TranslatedName->Name.Length / sizeof(WCHAR);
-			if ( *pdwAccountName <= dwSrcLen )
-			{
-				*pdwAccountName = dwSrcLen + 1;
-				ret = FALSE;
-			}
-			else
-			{
-				*pdwAccountName = dwSrcLen;
-				if (pAccountName)
-				{
-					RtlCopyMemory ( pAccountName, TranslatedName->Name.Buffer,
TranslatedName->Name.Length );
-					pAccountName[TranslatedName->Name.Length / sizeof(WCHAR)] = L'\0';
-				}
-			}
-			if ( peUse )
+			/* One or two buffers are insufficient, add up a char for NULL termination */
+			*pdwAccountName = dwAccountName + 1;
+			*pdwDomainName = dwDomainName + 1;
+			ret = FALSE;
+		} else
+		{
+			/* Lengths are sufficient, copy the data */
+			if(dwAccountName)
+				RtlCopyMemory(pAccountName, TranslatedName->Name.Buffer, dwAccountName *
sizeof(WCHAR));
+			pAccountName[dwAccountName] = L'\0';
+			
+			if(dwDomainName)
+				RtlCopyMemory(pDomainName, ReferencedDomain->Domains[0].Name.Buffer, dwDomainName
* sizeof(WCHAR));
+			pDomainName[dwDomainName] = L'\0';
+
+			*pdwAccountName = dwAccountName;
+			*pdwDomainName = dwDomainName;
+
+			if (peUse)
 				*peUse = TranslatedName->Use;
 		}
-
-		if ( ReferencedDomain )
-		{
-			if ( ReferencedDomain->Entries > 0 )
-			{
-				DWORD dwSrcLen = ReferencedDomain->Domains[0].Name.Length / sizeof(WCHAR);
-				if ( *pdwDomainName <= dwSrcLen )
-				{
-					*pdwDomainName = dwSrcLen + 1;
-					ret = FALSE;
-				}
-				else
-				{
-					*pdwDomainName = dwSrcLen;
-					if (pDomainName)
-					{
-					    RtlCopyMemory ( pDomainName, ReferencedDomain->Domains[0].Name.Buffer,
ReferencedDomain->Domains[0].Name.Length );
-					    pDomainName[ReferencedDomain->Domains[0].Name.Length / sizeof(WCHAR)] =
L'\0';
-					}
-				}
-			}
-		}
-
+		
 		if ( !ret )
 			SetLastError(ERROR_INSUFFICIENT_BUFFER);
 	}



    

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

[ros-diffs] [fireball] 44117: [advapi32] Alexander Yastrebov <menone7@gmail.com> - Return proper lengths of required buffer sizes in characters (including the termination NULL character) in LookupAccountSid. Fixes 4 "advapi32_winetest security" failures. See issue #4904 for more details.