Re: [PATCH 0/1] MR3505: ntdll: Implement NtCreateToken().

3 Aug 2023


      Hans Leidekker (@hans) commented about server/token.c:
...
+{

struct token *token;
struct object_attributes *objattr;
struct sid *user;
struct sid_attrs *groups = NULL;
struct luid_attr *privs = NULL;
struct acl *dacl = NULL;
unsigned int group_count = 0, priv_count = 0, i;
data_size_t data_size, groups_size = 0;
struct acl *default_dacl = NULL;

objattr = (struct object_attributes *)get_req_data();
user = (struct sid *)get_req_data_after_objattr( objattr, &data_size );

if (!user || data_size < sid_len( user ) )
{

You should check that sid_len() doesn't read past the end of the buffer.
-- 
https://gitlab.winehq.org/wine/wine/-/merge_requests/3505#note_41231

2025

2024

2023

2022

Re: [PATCH 0/1] MR3505: ntdll: Implement NtCreateToken().