From b29157e1013681af8e0af924b7cd52ea2fce83e1 Mon Sep 17 00:00:00 2001 From: Andrew Eikum Date: Mon, 12 Feb 2018 07:54:33 -0600 Subject: [PATCH] services: Fix reading past end of struct (Coverity). Signed-off-by: Andrew Eikum Signed-off-by: Alexandre Julliard --- programs/services/rpc.c | 19 +++++++++---------- 1 file changed, 9 insertions(+), 10 deletions(-) diff --git a/programs/services/rpc.c b/programs/services/rpc.c index 7c3fa1e5e9d..5ecd6601a56 100644 --- a/programs/services/rpc.c +++ b/programs/services/rpc.c @@ -821,6 +821,14 @@ DWORD __cdecl svcctl_ChangeServiceConfigW( return err; } +static void fill_status_process(SERVICE_STATUS_PROCESS *status, struct service_entry *service) +{ + struct process_entry *process = service->process; + memcpy(status, &service->status, sizeof(service->status)); + status->dwProcessId = process ? process->process_id : 0; + status->dwServiceFlags = 0; +} + static void fill_notify(struct sc_notify_handle *notify) { SC_RPC_NOTIFY_PARAMS_LIST *list; @@ -834,8 +842,7 @@ static void fill_notify(struct sc_notify_handle *notify) cparams = (SERVICE_NOTIFY_STATUS_CHANGE_PARAMS_2 *)(list + 1); cparams->dwNotifyMask = notify->notify_mask; - memcpy(&cparams->ServiceStatus, ¬ify->service->service_entry->status, - sizeof(SERVICE_STATUS_PROCESS)); + fill_status_process(&cparams->ServiceStatus, notify->service->service_entry); cparams->dwNotificationStatus = ERROR_SUCCESS; cparams->dwNotificationTriggered = 1 << (cparams->ServiceStatus.dwCurrentState - SERVICE_STOPPED); cparams->pszServiceNames = NULL; @@ -1013,14 +1020,6 @@ DWORD __cdecl svcctl_QueryServiceConfig2W( SC_RPC_HANDLE hService, DWORD level, return err; } -static void fill_status_process(SERVICE_STATUS_PROCESS *status, struct service_entry *service) -{ - struct process_entry *process = service->process; - memcpy(status, &service->status, sizeof(service->status)); - status->dwProcessId = process ? process->process_id : 0; - status->dwServiceFlags = 0; -} - DWORD __cdecl svcctl_QueryServiceStatusEx( SC_RPC_HANDLE hService, SC_STATUS_TYPE InfoLevel,