Skip to content

W
wine-cw
Commit 63ca94c4 authored by Alexandre Julliard's avatar Alexandre Julliard
Browse files
Options

kernel32: Fixed buffer overrun in get_registry_locale_info.

parent 6987a4b4
Hide whitespace changes
Inline Side-by-side
Showing with 10 additions and 7 deletions
dlls/kernel32/locale.c
View file @ 63ca94c4
...@@ -804,7 +804,6 @@ static INT get_registry_locale_info( LPCWSTR value, LPWSTR buffer, INT len ) ...@@ -804,7 +804,6 @@ static INT get_registry_locale_info( LPCWSTR value, LPWSTR buffer, INT len )
} }
status = NtQueryValueKey( hkey, &nameW, KeyValuePartialInformation, info, size, &size ); status = NtQueryValueKey( hkey, &nameW, KeyValuePartialInformation, info, size, &size );
if (status == STATUS_BUFFER_OVERFLOW && !buffer) status = 0;
if (!status) if (!status)
{ {
...@@ -825,14 +824,18 @@ static INT get_registry_locale_info( LPCWSTR value, LPWSTR buffer, INT len ) ...@@ -825,14 +824,18 @@ static INT get_registry_locale_info( LPCWSTR value, LPWSTR buffer, INT len )
buffer[ret-1] = 0; buffer[ret-1] = 0;
} }
} }
else if (status == STATUS_BUFFER_OVERFLOW && !buffer)
{
ret = (size - info_size) / sizeof(WCHAR) + 1;
}
else if (status == STATUS_OBJECT_NAME_NOT_FOUND)
{
ret = -1;
}
else else
{ {
if (status == STATUS_OBJECT_NAME_NOT_FOUND) ret = -1; SetLastError( RtlNtStatusToDosError(status) );
else ret = 0;
{
SetLastError( RtlNtStatusToDosError(status) );
ret = 0;
}
} }
NtClose( hkey ); NtClose( hkey );
HeapFree( GetProcessHeap(), 0, info ); HeapFree( GetProcessHeap(), 0, info );
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment