[prev in list] [next in list] [prev in thread] [next in thread]
List: wine-devel
Subject: Re: ntdll: RtlCreateAcl: initialize all the bytes passed by the user
From: Alexandre Julliard <julliard () winehq ! org>
Date: 2007-10-30 11:46:05
Message-ID: 87ve8on7uq.fsf () wine ! dyndns ! org
[Download RAW message or body]
"Dan Kegel" <dank@kegel.com> writes:
> Without this patch, NtAccessCheck() references uninitialized
> memory (it seems to send the entire ACL with the user's
> length to the server, not just sizeof(ACL)). This showed up as
> valgrind errors when running "make test" in advapi32.
> I suppose the right fix might be to send just sizeof(ACL) bytes
> to the server, but I wouldn't know, and initializing all
> the bytes given by the caller seems innocuous enough.
It isn't innocuous, if Windows doesn't do it then it's quite likely that
apps will pass a too large size, we've had that kind of problem in some
other places already.
--
Alexandre Julliard
julliard@winehq.org
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic