ReceiveTempSMS
/
Sweden-Number
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

ntdll: Fix the overflow check in read_changes_apc(). 

Signed-off-by: Zebediah Figura <z.figura12@gmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
This commit is contained in:
Zebediah Figura 2020-03-22 19:11:29 -05:00 committed by Alexandre Julliard
parent ad9fb96e5b
commit cd2e053237
1 changed files with 4 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
dlls/ntdll/file.c
View File

@ -1768,16 +1768,17 @@ static NTSTATUS read_changes_apc( void *user, IO_STATUS_BLOCK *iosb, NTSTATUS st
while (size && left >= sizeof(*pfni)) while (size && left >= sizeof(*pfni))
{ {
DWORD len = (left - offsetof(FILE_NOTIFY_INFORMATION, FileName)) / sizeof(WCHAR);
/* convert to an NT style path */ /* convert to an NT style path */
for (i = 0; i < event->len; i++) for (i = 0; i < event->len; i++)
if (event->name[i] == '/') event->name[i] = '\\'; if (event->name[i] == '/') event->name[i] = '\\';
pfni->Action = event->action; pfni->Action = event->action;
pfni->FileNameLength = ntdll_umbstowcs( event->name, event->len, pfni->FileName, pfni->FileNameLength = ntdll_umbstowcs( event->name, event->len, pfni->FileName, len );
(left - offsetof(FILE_NOTIFY_INFORMATION, FileName)) / sizeof(WCHAR));
last_entry_offset = &pfni->NextEntryOffset; last_entry_offset = &pfni->NextEntryOffset;
if (pfni->FileNameLength == -1 || pfni->FileNameLength == -2) break; if (pfni->FileNameLength == len) break;
i = offsetof(FILE_NOTIFY_INFORMATION, FileName[pfni->FileNameLength]); i = offsetof(FILE_NOTIFY_INFORMATION, FileName[pfni->FileNameLength]);
pfni->FileNameLength *= sizeof(WCHAR); pfni->FileNameLength *= sizeof(WCHAR);