https://git.reactos.org/?p=reactos.git;a=commitdiff;h=cf40421041eeea92a29520a9d04868cb804239ca
commit cf40421041eeea92a29520a9d04868cb804239ca
Author: Thomas Faber <thomas.fa...@reactos.org>
AuthorDate: Wed Feb 20 12:21:03 2019 +0100
Commit: Thomas Faber <thomas.fa...@reactos.org>
CommitDate: Wed Feb 20 12:23:33 2019 +0100
[NTOS:PNP] Correctly respect data size in PnpRegSzToString. CORE-15766
Spotted by Vadim Galyant.
---
ntoskrnl/io/pnpmgr/pnputil.c | 17 +++++++++++++----
1 file changed, 13 insertions(+), 4 deletions(-)
diff --git a/ntoskrnl/io/pnpmgr/pnputil.c b/ntoskrnl/io/pnpmgr/pnputil.c
index 3ed75b2c07..8f17304187 100644
--- a/ntoskrnl/io/pnpmgr/pnputil.c
+++ b/ntoskrnl/io/pnpmgr/pnputil.c
@@ -175,11 +175,20 @@ PnpRegSzToString(IN PWCHAR RegSzData,
PWCHAR p, pp;
/* Find the end */
- pp = RegSzData + RegSzLength;
- for (p = RegSzData; p < pp; p++) if (!*p) break;
+ pp = RegSzData + RegSzLength / sizeof(WCHAR);
+ for (p = RegSzData; p < pp; p++)
+ {
+ if (!*p)
+ {
+ break;
+ }
+ }
- /* Return it */
- if (StringLength) *StringLength = (USHORT)(p - RegSzData) * sizeof(WCHAR);
+ /* Return the length. Truncation can happen but is of no consequence. */
+ if (StringLength)
+ {
+ *StringLength = (USHORT)(p - RegSzData) * sizeof(WCHAR);
+ }
return TRUE;
}
