Author: cgutman Date: Fri Jun 18 21:57:07 2010 New Revision: 47801 URL: http://svn.reactos.org/svn/reactos?rev=47801&view=rev Log: [NTOSKRNL] - Fix a string termination bug in the device interface code - Thanks to janderwald for spotting the bug Modified: trunk/reactos/ntoskrnl/io/iomgr/deviface.c Modified: trunk/reactos/ntoskrnl/io/iomgr/deviface.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/io/iomgr/deviface… ============================================================================== --- trunk/reactos/ntoskrnl/io/iomgr/deviface.c [iso-8859-1] (original) +++ trunk/reactos/ntoskrnl/io/iomgr/deviface.c [iso-8859-1] Fri Jun 18 21:57:07 2010 @@ -105,17 +105,19 @@ goto cleanup; } - SubKeyName.Buffer = ExAllocatePool(PagedPool, SymbolicLinkName->Length); + SubKeyName.MaximumLength = SymbolicLinkName->Length + sizeof(WCHAR); + SubKeyName.Length = 0; + SubKeyName.Buffer = ExAllocatePool(PagedPool, SubKeyName.MaximumLength); if (!SubKeyName.Buffer) { Status = STATUS_INSUFFICIENT_RESOURCES; goto cleanup; } - SubKeyName.MaximumLength = SymbolicLinkName->Length; - SubKeyName.Length = 0; RtlAppendUnicodeStringToString(&SubKeyName, SymbolicLinkName); + + SubKeyName.Buffer[SubKeyName.Length / sizeof(WCHAR)] = UNICODE_NULL; SubKeyName.Buffer[0] = L'#'; SubKeyName.Buffer[1] = L'#';