Alexandre Julliard : ntdll: Fix memory corruption in RtlNormalizeString().

27 Dec 2019

Module: wine
Branch: master
Commit: ddb6f150e1175287574f4561e9661dda97eab330
URL:    https://source.winehq.org/git/wine.git/?a=commit;h=ddb6f150e1175287574f4561e...
Author: Alexandre Julliard julliard@winehq.org
Date:   Fri Dec 27 17:58:34 2019 +0100
ntdll: Fix memory corruption in RtlNormalizeString().
Signed-off-by: Alexandre Julliard julliard@winehq.org
---
dlls/ntdll/locale.c | 16 +++++-----------
 1 file changed, 5 insertions(+), 11 deletions(-)

diff --git a/dlls/ntdll/locale.c b/dlls/ntdll/locale.c
index e3f562808b..7e85f344dd 100644
--- a/dlls/ntdll/locale.c
+++ b/dlls/ntdll/locale.c
@@ -1585,20 +1585,14 @@ NTSTATUS WINAPI RtlNormalizeString( ULONG form, const WCHAR *src, INT src_len, W
     else
     {
         buf_len = src_len * 4;
-        do
+        for (;;)
         {
-            WCHAR *old_buf = buf;
-
-            if (!buf) buf = RtlAllocateHeap( GetProcessHeap(), 0, buf_len );
-            else buf = RtlReAllocateHeap( GetProcessHeap(), 0, buf, buf_len );
-            if (!buf)
-            {
-                RtlFreeHeap( GetProcessHeap(), 0, old_buf );
-                return STATUS_NO_MEMORY;
-            }
+            buf = RtlAllocateHeap( GetProcessHeap(), 0, buf_len * sizeof(WCHAR) );
+            if (!buf) return STATUS_NO_MEMORY;
             res = wine_decompose_string( flags, src, src_len, buf, buf_len );
+            if (res) break;
             buf_len *= 2;
-        } while (!res);
+        }
     }
if (compose)

    

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

2002

2001

Alexandre Julliard : ntdll: Fix memory corruption in RtlNormalizeString().