From 0cffcb77d6e624bcc7567ebcfaecb0ef730e7a7e Mon Sep 17 00:00:00 2001
From: Hans Leidekker <hans@codeweavers.com>
Date: Tue, 21 Sep 2010 12:54:50 +0200
Subject: [PATCH] advapi32: Fix handling of zero account and domain size
 parameters in LookupAccountSid.

---
 dlls/advapi32/security.c       | 15 ++++++++++++---
 dlls/advapi32/tests/security.c | 12 +++++++++++-
 2 files changed, 23 insertions(+), 4 deletions(-)

diff --git a/dlls/advapi32/security.c b/dlls/advapi32/security.c
index 3e7699a690c..0458033cf97 100644
--- a/dlls/advapi32/security.c
+++ b/dlls/advapi32/security.c
@@ -2069,6 +2069,11 @@ LookupAccountSidA(
         } else
             *domainSize = domainSizeW + 1;
     }
+    else
+    {
+        *accountSize = accountSizeW + 1;
+        *domainSize = domainSizeW + 1;
+    }
 
     HeapFree( GetProcessHeap(), 0, systemW );
     HeapFree( GetProcessHeap(), 0, accountW );
@@ -2225,8 +2230,11 @@ LookupAccountSidW(
             if (domain)
                 lstrcpyW(domain, dm);
         }
-        if (((*accountSize != 0) && (*accountSize < ac_len)) ||
-            ((*domainSize != 0) && (*domainSize < dm_len))) {
+        if ((*accountSize && *accountSize < ac_len) ||
+            (!account && !*accountSize && ac_len)   ||
+            (*domainSize && *domainSize < dm_len)   ||
+            (!domain && !*domainSize && dm_len))
+        {
             SetLastError(ERROR_INSUFFICIENT_BUFFER);
             status = FALSE;
         }
@@ -2238,9 +2246,10 @@ LookupAccountSidW(
             *accountSize = ac_len;
         else
             *accountSize = ac_len + 1;
-        *name_use = use;
+
         HeapFree(GetProcessHeap(), 0, account_name);
         HeapFree(GetProcessHeap(), 0, computer_name);
+        if (status) *name_use = use;
         return status;
     }
 
diff --git a/dlls/advapi32/tests/security.c b/dlls/advapi32/tests/security.c
index 424403b6782..f599bb1eae6 100644
--- a/dlls/advapi32/tests/security.c
+++ b/dlls/advapi32/tests/security.c
@@ -1505,7 +1505,7 @@ static void test_LookupAccountSid(void)
     PSID pUsersSid = NULL;
     SID_NAME_USE use;
     BOOL ret;
-    DWORD size,cbti = 0;
+    DWORD error, size, cbti = 0;
     MAX_SID  max_sid;
     CHAR *str_sidA;
     int i;
@@ -1667,6 +1667,16 @@ static void test_LookupAccountSid(void)
        "LookupAccountSidW() Expected dom_size = %u, got %u\n",
        real_dom_sizeW + 1, dom_sizeW);
 
+    acc_sizeW = dom_sizeW = use = 0;
+    SetLastError(0xdeadbeef);
+    ret = LookupAccountSidW(NULL, pUsersSid, NULL, &acc_sizeW, NULL, &dom_sizeW, &use);
+    error = GetLastError();
+    ok(!ret, "LookupAccountSidW failed %u\n", GetLastError());
+    ok(error == ERROR_INSUFFICIENT_BUFFER, "expected ERROR_INSUFFICIENT_BUFFER, got %u\n", error);
+    ok(acc_sizeW, "expected non-zero account size\n");
+    ok(dom_sizeW, "expected non-zero domain size\n");
+    ok(!use, "expected zero use %u\n", use);
+
     FreeSid(pUsersSid);
 
     /* Test LookupAccountSid with Sid retrieved from token information.