https://git.reactos.org/?p=reactos.git;a=commitdiff;h=cf40421041eeea92a29520...
commit cf40421041eeea92a29520a9d04868cb804239ca Author: Thomas Faber thomas.faber@reactos.org AuthorDate: Wed Feb 20 12:21:03 2019 +0100 Commit: Thomas Faber thomas.faber@reactos.org CommitDate: Wed Feb 20 12:23:33 2019 +0100
[NTOS:PNP] Correctly respect data size in PnpRegSzToString. CORE-15766
Spotted by Vadim Galyant.
---
 ntoskrnl/io/pnpmgr/pnputil.c | 17 +++++++++++++----
 1 file changed, 13 insertions(+), 4 deletions(-)
diff --git a/ntoskrnl/io/pnpmgr/pnputil.c b/ntoskrnl/io/pnpmgr/pnputil.c
index 3ed75b2c07..8f17304187 100644
--- a/ntoskrnl/io/pnpmgr/pnputil.c
+++ b/ntoskrnl/io/pnpmgr/pnputil.c
@@ -175,11 +175,20 @@ PnpRegSzToString(IN PWCHAR RegSzData,
 PWCHAR p, pp;
/* Find the end */
- pp = RegSzData + RegSzLength;
- for (p = RegSzData; p < pp; p++) if (!*p) break;
+ pp = RegSzData + RegSzLength / sizeof(WCHAR);
+ for (p = RegSzData; p < pp; p++)
+ {
+ if (!*p)
+ {
+ break;
+ }
+ }
- /* Return it */
- if (StringLength) *StringLength = (USHORT)(p - RegSzData) * sizeof(WCHAR);
+ /* Return the length. Truncation can happen but is of no consequence. */
+ if (StringLength)
+ {
+ *StringLength = (USHORT)(p - RegSzData) * sizeof(WCHAR);
+ }
 return TRUE;
 }
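Review bot: The new comment on the `*StringLength` store says truncation is of no consequence but not why, and the `(USHORT)` cast binds to `(p - RegSzData)` before the multiply, so an oversized count wraps (once at the cast, again on the store) rather than saturating. Assuming `StringLength` is a `PUSHORT` (its declaration is outside the hunk), a wrapped value is never larger than the byte count actually scanned, so a caller using it as a length over `RegSzData` stays in bounds but silently gets a shortened string. I would either say that in the comment, e.g. `/* A length above MAXUSHORT wraps to a smaller value, so callers never read past RegSzData; they may see a shortened string. */`, or clamp the byte count explicitly before the store. Separately, the function still returns TRUE when no terminator is found within `RegSzLength`; whether callers depend on that cannot be seen from this hunk.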