diff --git a/dlls/ntdll/sync.c b/dlls/ntdll/sync.c index 8e406ceaebe..bb462f211e7 100644 --- a/dlls/ntdll/sync.c +++ b/dlls/ntdll/sync.c @@ -114,6 +114,8 @@ NTSTATUS alloc_object_attributes( const OBJECT_ATTRIBUTES *attr, struct object_a } else if (attr->RootDirectory) return STATUS_OBJECT_NAME_INVALID; + len = (len + 3) & ~3; /* DWORD-align the entire structure */ + *ret = RtlAllocateHeap( GetProcessHeap(), HEAP_ZERO_MEMORY, len ); if (!*ret) return STATUS_NO_MEMORY; diff --git a/include/wine/server_protocol.h b/include/wine/server_protocol.h index 0b61b915f0b..24eb95be26d 100644 --- a/include/wine/server_protocol.h +++ b/include/wine/server_protocol.h @@ -6535,6 +6535,6 @@ union generic_reply struct terminate_job_reply terminate_job_reply; }; -#define SERVER_PROTOCOL_VERSION 559 +#define SERVER_PROTOCOL_VERSION 560 #endif /* __WINE_WINE_SERVER_PROTOCOL_H */ diff --git a/server/request.c b/server/request.c index 77f4f71d8aa..2dd84fbbb3c 100644 --- a/server/request.c +++ b/server/request.c @@ -214,16 +214,15 @@ const struct object_attributes *get_req_object_attributes( const struct security /* return a pointer to the request data following an object attributes structure */ const void *get_req_data_after_objattr( const struct object_attributes *attr, data_size_t *len ) { - const void *ptr; + data_size_t size = (sizeof(*attr) + (attr->sd_len & ~1) + (attr->name_len & ~1) + 3) & ~3; - if (attr == &empty_attributes) + if (attr == &empty_attributes || size >= get_req_data_size()) { *len = 0; return NULL; } - ptr = (const WCHAR *)(attr + 1) + attr->sd_len / sizeof(WCHAR) + attr->name_len / sizeof(WCHAR); - *len = get_req_data_size() - ((const char *)ptr - (const char *)get_req_data()); - return ptr; + *len = get_req_data_size() - size; + return (const char *)get_req_data() + size; } /* write the remaining part of the reply */ diff --git a/server/trace.c b/server/trace.c index 3c0d59257eb..1a28cac13e5 100644 --- a/server/trace.c +++ b/server/trace.c 
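Review bot: The padding bytes added by `len = (len + 3) & ~3;` in alloc_object_attributes are only well-defined because the allocation on the following line uses HEAP_ZERO_MEMORY, and the comment does not say so. If this buffer is what gets sent to the server (not visible in the hunk), a later switch to a non-zeroing allocation would pass up to three bytes of stale heap contents along with each request. I would extend the comment to `/* DWORD-align the entire structure; the padding stays zero because of HEAP_ZERO_MEMORY below */`. Whether the length reported back to the caller includes the padding is decided outside this hunk and should match what the server now expects.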
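Review bot: The `size` initializer in get_req_data_after_objattr sums two client-supplied lengths before the new `size >= get_req_data_size()` test, so that test is only meaningful if `sd_len` and `name_len` were already bounded against the request size; a sum that wraps or truncates in `data_size_t` would pass it. That validation presumably lives in get_req_object_attributes, whose body is outside this hunk, and is worth confirming and recording in a comment such as `/* sd_len and name_len were range-checked when attr was fetched, so this sum cannot wrap */`. The same rounding expression is repeated in server/trace.c, and the client pads with `(len + 3) & ~3` in dlls/ntdll/sync.c; a single shared helper or macro for the padded size would keep client, server and tracer from drifting apart.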
@@ -1119,8 +1119,7 @@ static void dump_varargs_object_attributes( const char *prefix, data_size_t size
 fprintf( stderr, ",name=L\"" );
 dump_strW( str, objattr->name_len / sizeof(WCHAR), stderr, "\"\"" );
 fputc( '\"', stderr );
- remove_data( ((sizeof(*objattr) + objattr->sd_len) / sizeof(WCHAR)) * sizeof(WCHAR) +
- (objattr->name_len / sizeof(WCHAR)) * sizeof(WCHAR) );
+ remove_data( (sizeof(*objattr) + (objattr->sd_len & ~1) + (objattr->name_len & ~1) + 3) & ~3 );
 }
 fputc( '}', stderr );
 }
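Review bot: The rounded-up length passed to `remove_data` can be up to three bytes larger than the unrounded total it replaces, and nothing in the hunk clamps it to the data that is actually left. If a request arrives without the trailing padding (a malformed client, or one built before this protocol bump), the tracer would step past the end of the request data, unless remove_data itself clamps, which is not visible here. server/request.c covers the same case with `size >= get_req_data_size()`; the tracer could do the equivalent by limiting the value to the remaining-size argument (shown as `size` in the hunk header) before calling `remove_data`. The body of dump_varargs_object_attributes starts and ends outside the hunk, so any earlier bounds check there should be re-read against the new padded length.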