On 20 September 2010 17:51, Mike Frysinger vapier@gentoo.org wrote:
> well, i don't think this issue is limited to shell32. it's just the only one to hit it atm. what about my other patch i posted ? http://www.winehq.org/pipermail/wine-patches/2010-September/093377.html
How does fortify work?
See http://blogs.msdn.com/b/oldnewthing/archive/2004/08/26/220873.aspx for information on how to allocate these structures. Specifically:
PTOKEN_GROUPS TokenGroups = malloc(FIELD_OFFSET(TOKEN_GROUPS, Groups[NumberOfGroups]));
The article explains that:
PTOKEN_GROUPS TokenGroups = malloc(sizeof(TOKEN_GROUPS) + NumberOfGroups * sizeof(SID_AND_ATTRIBUTES));
crashes on 64-bit platforms with STATUS_DATATYPE_MISALIGNMENT due to the data being placed on a 4-byte, not 8-byte, boundary.
Is the shell32 code running into something similar -- that is, are the calculations for the allocated memory blocks using these ANYSIZE_ARRAY structures wrong?
- Reece
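An added example, not from the message above or from Wine, comparing the three ways of sizing an ANYSIZE_ARRAY structure that the thread discusses. The TOKEN_GROUPS and SID_AND_ATTRIBUTES definitions are constructed stand-ins assumed to mirror the Windows layout (pointer-sized PSID, 32-bit DWORD) so the code builds without the Windows headers; on LP64 it shows the 4 bytes of padding that the header-only formula misses.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>

/* Constructed stand-ins for the Windows types (assumption: PSID is a
 * pointer, DWORD is 32 bits, ANYSIZE_ARRAY is 1, as in the SDK headers). */
typedef void *PSID;
typedef uint32_t DWORD;
#define ANYSIZE_ARRAY 1
typedef struct { PSID Sid; DWORD Attributes; } SID_AND_ATTRIBUTES;
typedef struct { DWORD GroupCount; SID_AND_ATTRIBUTES Groups[ANYSIZE_ARRAY]; } TOKEN_GROUPS;
#define FIELD_OFFSET(type, field) offsetof(type, field)

/* Correct: bytes up to the end of element n-1, compiler padding included. */
size_t token_groups_size(size_t n)
{
    return FIELD_OFFSET(TOKEN_GROUPS, Groups[n]);
}

/* sizeof(TOKEN_GROUPS) already contains one element, so this is one element too big. */
size_t token_groups_size_oversized(size_t n)
{
    return sizeof(TOKEN_GROUPS) + n * sizeof(SID_AND_ATTRIBUTES);
}

/* Counts only the header field; on 64-bit it omits the padding inserted before
 * Groups for pointer alignment, so the block is 4 bytes short and the last
 * element is written past the allocation (the kind of overrun glibc's
 * _FORTIFY_SOURCE memcpy check can report when the malloc size is visible). */
size_t token_groups_size_naive(size_t n)
{
    return sizeof(DWORD) + n * sizeof(SID_AND_ATTRIBUTES);
}

/* Allocate with the correct size and fill n entries with constructed data. */
TOKEN_GROUPS *alloc_token_groups(size_t n, DWORD attr)
{
    TOKEN_GROUPS *tg = malloc(token_groups_size(n));
    if (!tg) return NULL;
    tg->GroupCount = (DWORD)n;
    for (size_t i = 0; i < n; i++) {
        tg->Groups[i].Sid = NULL;        /* no real SIDs in this example */
        tg->Groups[i].Attributes = attr;
    }
    return tg;
}

/* 1 when the Groups array begins on a pointer-aligned address. */
int groups_aligned(const TOKEN_GROUPS *tg)
{
    return ((uintptr_t)&tg->Groups[0]) % _Alignof(PSID) == 0;
}
```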