Commit 47acaeae authored by Rob Shearman's avatar Rob Shearman Committed by Alexandre Julliard

kernel32: Fix uninitialised memory read in GetPrivateProfileStringA if…

kernel32: Fix uninitialised memory read in GetPrivateProfileStringA if GetPrivateProfileStringW returns 0. The buffer that was passed into the function will remain uninitialised. Fix reading from this by only reading retW characters from bufferW and manually nul-terminating the string.
parent 2226b678
...@@ -1173,14 +1173,13 @@ INT WINAPI GetPrivateProfileStringA( LPCSTR section, LPCSTR entry, ...@@ -1173,14 +1173,13 @@ INT WINAPI GetPrivateProfileStringA( LPCSTR section, LPCSTR entry,
filenameW.Buffer); filenameW.Buffer);
if (len) if (len)
{ {
ret = WideCharToMultiByte(CP_ACP, 0, bufferW, retW + 1, buffer, len, NULL, NULL); if (retW)
if (!ret)
{ {
ret = len - 1; ret = WideCharToMultiByte(CP_ACP, 0, bufferW, retW, buffer, len - 1, NULL, NULL);
buffer[ret] = 0; if (!ret)
ret = len - 1;
} }
else buffer[ret] = 0;
ret--; /* strip terminating 0 */
} }
RtlFreeUnicodeString(&sectionW); RtlFreeUnicodeString(&sectionW);
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment