From 44c64aef31f0e21e300e9944217e3fd1131b1d2e Mon Sep 17 00:00:00 2001
From: Juan Lang <juan.lang@gmail.com>
Date: Sun, 4 Nov 2007 15:48:36 -0800
Subject: [PATCH] wsock32: Correctly handle the case where a table size is 0 in
 IP_MIB_TABLE_ENTRY_ID.

Spotted by Gerald Pfeifer.
---
 dlls/wsock32/socket.c | 24 ++++++++++++++++++------
 1 file changed, 18 insertions(+), 6 deletions(-)

diff --git a/dlls/wsock32/socket.c b/dlls/wsock32/socket.c
index 044761b33c3..12f01aea3fe 100644
--- a/dlls/wsock32/socket.c
+++ b/dlls/wsock32/socket.c
@@ -442,8 +442,12 @@ DWORD WINAPI WsControl(DWORD protocol,
                   if (!pcbResponseInfoLen)
                      return ERROR_BAD_ENVIRONMENT;
                   GetIpForwardTable(NULL, &routeTableSize, FALSE);
-                  numRoutes = min(routeTableSize - sizeof(MIB_IPFORWARDTABLE),
-                   0) / sizeof(MIB_IPFORWARDROW) + 1;
+                  if (!routeTableSize) {
+                      *pcbResponseInfoLen = 0;
+                      return WSCTL_SUCCESS;
+                  }
+                  numRoutes = (routeTableSize - sizeof(MIB_IPFORWARDTABLE))
+                   / sizeof(MIB_IPFORWARDROW) + 1;
                   if (*pcbResponseInfoLen < sizeof(IPRouteEntry) * numRoutes)
                      return (ERROR_LOCK_VIOLATION);
                   table = HeapAlloc( GetProcessHeap(), HEAP_ZERO_MEMORY, routeTableSize );
@@ -491,8 +495,12 @@ DWORD WINAPI WsControl(DWORD protocol,
                   if (!pcbResponseInfoLen)
                      return ERROR_BAD_ENVIRONMENT;
                   GetIpNetTable(NULL, &arpTableSize, FALSE);
-                  numEntries = min(arpTableSize - sizeof(MIB_IPNETTABLE),
-                   0) / sizeof(MIB_IPNETROW) + 1;
+                  if (!arpTableSize) {
+                      *pcbResponseInfoLen = 0;
+                      return WSCTL_SUCCESS;
+                  }
+                  numEntries = (arpTableSize - sizeof(MIB_IPNETTABLE))
+                   / sizeof(MIB_IPNETROW) + 1;
                   if (*pcbResponseInfoLen < sizeof(MIB_IPNETROW) * numEntries)
                      return (ERROR_LOCK_VIOLATION);
                   table = HeapAlloc( GetProcessHeap(), HEAP_ZERO_MEMORY, arpTableSize );
@@ -529,8 +537,12 @@ DWORD WINAPI WsControl(DWORD protocol,
                   if (!pcbResponseInfoLen)
                      return ERROR_BAD_ENVIRONMENT;
                   GetTcpTable(NULL, &tcpTableSize, FALSE);
-                  numEntries = min(tcpTableSize - sizeof(MIB_TCPTABLE),
-                   0) / sizeof(MIB_TCPROW) + 1;
+                  if (!tcpTableSize) {
+                      *pcbResponseInfoLen = 0;
+                      return WSCTL_SUCCESS;
+                  }
+                  numEntries = (tcpTableSize - sizeof(MIB_TCPTABLE))
+                   / sizeof(MIB_TCPROW) + 1;
                   if (*pcbResponseInfoLen < sizeof(MIB_TCPROW) * numEntries)
                      return (ERROR_LOCK_VIOLATION);
                   table = HeapAlloc( GetProcessHeap(), HEAP_ZERO_MEMORY, tcpTableSize );