ntdll: Fix buffer overread in RtlNumberOfSetBits.

4f74de5b · Aleksey Bragin · Alexandre Julliard · 1b3feb2a · 4f74de5b
Commit 4f74de5b authored Dec 24, 2008 by Aleksey Bragin Committed by Alexandre Julliard Jan 07, 2009
Hide whitespace changes
Inline Side-by-side

Showing with 6 additions and 3 deletions

rtlbitmap.c dlls/ntdll/rtlbitmap.c +6 -3

No files found.
--- a/dlls/ntdll/rtlbitmap.c
+++ b/dlls/ntdll/rtlbitmap.c
@@ -555,9 +555,12 @@ ULONG WINAPI RtlNumberOfSetBits(PCRTL_BITMAP lpBits)
      lpOut++;
    }

-    bMasked = *lpOut & NTDLL_maskBits[ulRemainder];
-    ulSet += NTDLL_nibbleBitCount[bMasked >> 4];
-    ulSet += NTDLL_nibbleBitCount[bMasked & 0xf];
+    if (ulRemainder)
+    {
+      bMasked = *lpOut & NTDLL_maskBits[ulRemainder];
+      ulSet += NTDLL_nibbleBitCount[bMasked >> 4];
+      ulSet += NTDLL_nibbleBitCount[bMasked & 0xf];
+    }
  }
  return ulSet;
 }