Module: wine Branch: master Commit: 3b5107d06305972beaa9c5ff147ecbcd99949a75 URL: http://source.winehq.org/git/wine.git/?a=commit;h=3b5107d06305972beaa9c5ff14... Author: Alistair Leslie-Hughes <leslie_alistair(a)hotmail.com> Date: Wed Aug 19 12:18:11 2015 +1000 advapi32: Prevent buffer overrun. --- dlls/advapi32/security.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/dlls/advapi32/security.c b/dlls/advapi32/security.c index d1e2bb4..a40e639 100644 --- a/dlls/advapi32/security.c +++ b/dlls/advapi32/security.c @@ -4512,13 +4512,15 @@ static BOOL ParseStringSecurityDescriptorToSecurityDescriptor( { BOOL bret = FALSE; WCHAR toktype; - WCHAR tok[MAX_PATH]; + WCHAR *tok; LPCWSTR lptoken; LPBYTE lpNext = NULL; DWORD len; *cBytes = sizeof(SECURITY_DESCRIPTOR); + tok = heap_alloc( (lstrlenW(StringSecurityDescriptor) + 1) * sizeof(WCHAR)); + if (SecurityDescriptor) lpNext = (LPBYTE)(SecurityDescriptor + 1); @@ -4640,6 +4642,7 @@ static BOOL ParseStringSecurityDescriptorToSecurityDescriptor( bret = TRUE; lend: + heap_free(tok); return bret; }