From 224d33b2c9add04c4a1f3b7a9640225054044fa1 Mon Sep 17 00:00:00 2001 From: Detlef Riekenberg Date: Sat, 19 Sep 2009 00:45:07 +0200 Subject: [PATCH] advapi32: Don't use -1 as dstlen in WideCharToMultiByte. --- dlls/advapi32/cred.c | 96 +++++++++++++++++++++++++++----------------- 1 file changed, 59 insertions(+), 37 deletions(-) diff --git a/dlls/advapi32/cred.c b/dlls/advapi32/cred.c index 0fb36e6e1fb..4f31fcff20a 100644 --- a/dlls/advapi32/cred.c +++ b/dlls/advapi32/cred.c @@ -918,52 +918,70 @@ static DWORD mac_delete_credential(LPCWSTR TargetName) } #endif -static void convert_PCREDENTIALW_to_PCREDENTIALA(const CREDENTIALW *CredentialW, PCREDENTIALA CredentialA, DWORD *len) -{ - char *buffer = (char *)CredentialA + sizeof(CREDENTIALA); - INT string_len; +/****************************************************************************** + * convert_PCREDENTIALW_to_PCREDENTIALA [internal] + * + * convert a Credential struct from UNICODE to ANSI and return the needed size in Bytes + * + */ + +static INT convert_PCREDENTIALW_to_PCREDENTIALA(const CREDENTIALW *CredentialW, PCREDENTIALA CredentialA, INT len) +{ + char *buffer; + INT string_len; + INT needed = sizeof(CREDENTIALA); - *len += sizeof(CREDENTIALA); if (!CredentialA) { - if (CredentialW->TargetName) *len += WideCharToMultiByte(CP_ACP, 0, CredentialW->TargetName, -1, NULL, 0, NULL, NULL); - if (CredentialW->Comment) *len += WideCharToMultiByte(CP_ACP, 0, CredentialW->Comment, -1, NULL, 0, NULL, NULL); - *len += CredentialW->CredentialBlobSize; - if (CredentialW->TargetAlias) *len += WideCharToMultiByte(CP_ACP, 0, CredentialW->TargetAlias, -1, NULL, 0, NULL, NULL); - if (CredentialW->UserName) *len += WideCharToMultiByte(CP_ACP, 0, CredentialW->UserName, -1, NULL, 0, NULL, NULL); + if (CredentialW->TargetName) + needed += WideCharToMultiByte(CP_ACP, 0, CredentialW->TargetName, -1, NULL, 0, NULL, NULL); + if (CredentialW->Comment) + needed += WideCharToMultiByte(CP_ACP, 0, CredentialW->Comment, -1, NULL, 0, NULL, NULL); + needed += CredentialW->CredentialBlobSize; + if (CredentialW->TargetAlias) + needed += WideCharToMultiByte(CP_ACP, 0, CredentialW->TargetAlias, -1, NULL, 0, NULL, NULL); + if (CredentialW->UserName) + needed += WideCharToMultiByte(CP_ACP, 0, CredentialW->UserName, -1, NULL, 0, NULL, NULL); - return; + return needed; } + + buffer = (char *)CredentialA + sizeof(CREDENTIALA); + len -= sizeof(CREDENTIALA); CredentialA->Flags = CredentialW->Flags; CredentialA->Type = CredentialW->Type; + if (CredentialW->TargetName) { CredentialA->TargetName = buffer; - string_len = WideCharToMultiByte(CP_ACP, 0, CredentialW->TargetName, -1, CredentialA->TargetName, -1, NULL, NULL); + string_len = WideCharToMultiByte(CP_ACP, 0, CredentialW->TargetName, -1, buffer, len, NULL, NULL); buffer += string_len; - *len += string_len; + needed += string_len; + len -= string_len; } else CredentialA->TargetName = NULL; if (CredentialW->Comment) { CredentialA->Comment = buffer; - string_len = WideCharToMultiByte(CP_ACP, 0, CredentialW->Comment, -1, CredentialA->Comment, -1, NULL, NULL); + string_len = WideCharToMultiByte(CP_ACP, 0, CredentialW->Comment, -1, buffer, len, NULL, NULL); buffer += string_len; - *len += string_len; + needed += string_len; + len -= string_len; } else CredentialA->Comment = NULL; CredentialA->LastWritten = CredentialW->LastWritten; CredentialA->CredentialBlobSize = CredentialW->CredentialBlobSize; - if (CredentialW->CredentialBlobSize) + if (CredentialW->CredentialBlobSize && (CredentialW->CredentialBlobSize <= len)) { CredentialA->CredentialBlob =(LPBYTE)buffer; memcpy(CredentialA->CredentialBlob, CredentialW->CredentialBlob, CredentialW->CredentialBlobSize); buffer += CredentialW->CredentialBlobSize; - *len += CredentialW->CredentialBlobSize; + needed += CredentialW->CredentialBlobSize; + len -= CredentialW->CredentialBlobSize; } else CredentialA->CredentialBlob = NULL; @@ -973,21 +991,23 @@ static void convert_PCREDENTIALW_to_PCREDENTIALA(const CREDENTIALW *CredentialW, if (CredentialW->TargetAlias) { CredentialA->TargetAlias = buffer; - string_len = WideCharToMultiByte(CP_ACP, 0, CredentialW->TargetAlias, -1, CredentialA->TargetAlias, -1, NULL, NULL); + string_len = WideCharToMultiByte(CP_ACP, 0, CredentialW->TargetAlias, -1, buffer, len, NULL, NULL); buffer += string_len; - *len += string_len; + needed += string_len; + len -= string_len; } else CredentialA->TargetAlias = NULL; if (CredentialW->UserName) { CredentialA->UserName = buffer; - string_len = WideCharToMultiByte(CP_ACP, 0, CredentialW->UserName, -1, CredentialA->UserName, -1, NULL, NULL); - buffer += string_len; - *len += string_len; + string_len = WideCharToMultiByte(CP_ACP, 0, CredentialW->UserName, -1, buffer, len, NULL, NULL); + needed += string_len; } else CredentialA->UserName = NULL; + + return needed; } static void convert_PCREDENTIALA_to_PCREDENTIALW(const CREDENTIALA *CredentialA, PCREDENTIALW CredentialW, DWORD *len) @@ -1165,7 +1185,8 @@ BOOL WINAPI CredEnumerateA(LPCSTR Filter, DWORD Flags, DWORD *Count, LPWSTR FilterW; PCREDENTIALW *CredentialsW; DWORD i; - DWORD len; + INT len; + INT needed; char *buffer; TRACE("(%s, 0x%x, %p, %p)\n", debugstr_a(Filter), Flags, Count, Credentials); @@ -1193,7 +1214,7 @@ BOOL WINAPI CredEnumerateA(LPCSTR Filter, DWORD Flags, DWORD *Count, len = *Count * sizeof(PCREDENTIALA); for (i = 0; i < *Count; i++) - convert_PCREDENTIALW_to_PCREDENTIALA(CredentialsW[i], NULL, &len); + len += convert_PCREDENTIALW_to_PCREDENTIALA(CredentialsW[i], NULL, 0); *Credentials = HeapAlloc(GetProcessHeap(), 0, len); if (!*Credentials) @@ -1204,12 +1225,13 @@ BOOL WINAPI CredEnumerateA(LPCSTR Filter, DWORD Flags, DWORD *Count, } buffer = (char *)&(*Credentials)[*Count]; + len -= *Count * sizeof(PCREDENTIALA); for (i = 0; i < *Count; i++) { - len = 0; (*Credentials)[i] = (PCREDENTIALA)buffer; - convert_PCREDENTIALW_to_PCREDENTIALA(CredentialsW[i], (*Credentials)[i], &len); - buffer += len; + needed = convert_PCREDENTIALW_to_PCREDENTIALA(CredentialsW[i], (*Credentials)[i], len); + buffer += needed; + len -= needed; } CredFree(CredentialsW); @@ -1338,7 +1360,7 @@ BOOL WINAPI CredReadA(LPCSTR TargetName, DWORD Type, DWORD Flags, PCREDENTIALA * { LPWSTR TargetNameW; PCREDENTIALW CredentialW; - DWORD len; + INT len; TRACE("(%s, %d, 0x%x, %p)\n", debugstr_a(TargetName), Type, Flags, Credential); @@ -1364,16 +1386,14 @@ BOOL WINAPI CredReadA(LPCSTR TargetName, DWORD Type, DWORD Flags, PCREDENTIALA * } HeapFree(GetProcessHeap(), 0, TargetNameW); - len = 0; - convert_PCREDENTIALW_to_PCREDENTIALA(CredentialW, NULL, &len); + len = convert_PCREDENTIALW_to_PCREDENTIALA(CredentialW, NULL, 0); *Credential = HeapAlloc(GetProcessHeap(), 0, len); if (!*Credential) { SetLastError(ERROR_OUTOFMEMORY); return FALSE; } - len = 0; - convert_PCREDENTIALW_to_PCREDENTIALA(CredentialW, *Credential, &len); + convert_PCREDENTIALW_to_PCREDENTIALA(CredentialW, *Credential, len); CredFree(CredentialW); @@ -1545,7 +1565,7 @@ BOOL WINAPI CredReadDomainCredentialsA(PCREDENTIAL_TARGET_INFORMATIONA TargetInf DWORD Flags, DWORD *Size, PCREDENTIALA **Credentials) { PCREDENTIAL_TARGET_INFORMATIONW TargetInformationW; - DWORD len, i; + INT len, i; WCHAR *buffer, *end; BOOL ret; PCREDENTIALW* CredentialsW; @@ -1654,10 +1674,11 @@ BOOL WINAPI CredReadDomainCredentialsA(PCREDENTIAL_TARGET_INFORMATIONA TargetInf if (ret) { char *buf; + INT needed; len = *Size * sizeof(PCREDENTIALA); for (i = 0; i < *Size; i++) - convert_PCREDENTIALW_to_PCREDENTIALA(CredentialsW[i], NULL, &len); + len += convert_PCREDENTIALW_to_PCREDENTIALA(CredentialsW[i], NULL, 0); *Credentials = HeapAlloc(GetProcessHeap(), 0, len); if (!*Credentials) @@ -1668,12 +1689,13 @@ BOOL WINAPI CredReadDomainCredentialsA(PCREDENTIAL_TARGET_INFORMATIONA TargetInf } buf = (char *)&(*Credentials)[*Size]; + len -= *Size * sizeof(PCREDENTIALA); for (i = 0; i < *Size; i++) { - len = 0; (*Credentials)[i] = (PCREDENTIALA)buf; - convert_PCREDENTIALW_to_PCREDENTIALA(CredentialsW[i], (*Credentials)[i], &len); - buf += len; + needed = convert_PCREDENTIALW_to_PCREDENTIALA(CredentialsW[i], (*Credentials)[i], len); + buf += needed; + len -= needed; } CredFree(CredentialsW);