[prev in list] [next in list] [prev in thread] [next in thread] 

List:       wine-devel
Subject:    Re: ntdll: RtlCreateAcl: initialize all the bytes passed by the user
From:       Alexandre Julliard <julliard () winehq ! org>
Date:       2007-10-30 11:46:05
Message-ID: 87ve8on7uq.fsf () wine ! dyndns ! org
[Download RAW message or body]

"Dan Kegel" <dank@kegel.com> writes:

> Without this patch, NtAccessCheck() references uninitialized
> memory (it seems to send the entire ACL with the user's
> length to the server, not just sizeof(ACL)).  This showed up as
> valgrind errors when running "make test" in advapi32.
> I suppose the right fix might be to send just sizeof(ACL) bytes
> to the server, but I wouldn't know, and initializing all
> the bytes given by the caller seems innocuous enough.

It isn't innocuous, if Windows doesn't do it then it's quite likely that
apps will pass a too large size, we've had that kind of problem in some
other places already.

-- 
Alexandre Julliard
julliard@winehq.org


[prev in list] [next in list] [prev in thread] [next in thread]