git://git.openafs.org / openafs.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch (from parent 1: b170a84)
Windows: AFSParseName() uniFullName.MaximumLength
authorJeffrey Altman <jaltman@your-file-system.com>
Sun, 28 Jun 2015 17:27:03 +0000 (13:27 -0400)
committerJeffrey Altman <jaltman@your-file-system.com>
Thu, 24 Sep 2015 04:19:48 +0000 (00:19 -0400)
The uniFullName.MaximumLength in AFSParseName() is not properly
modified and can end up being extended beyond the actual memory
allocation due to a missing decrement.

Change-Id: I070ee33acd32849d05bbc83c6e7cfaf55e6a0997
Reviewed-on: http://gerrit.openafs.org/11913
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>

src/WINNT/afsrdr/kernel/lib/AFSNameSupport.cpp patch | blob | history

diff --git a/src/WINNT/afsrdr/kernel/lib/AFSNameSupport.cpp b/src/WINNT/afsrdr/kernel/lib/AFSNameSupport.cpp
index 6448ded..58cb969 100644 (file)
--- a/src/WINNT/afsrdr/kernel/lib/AFSNameSupport.cpp
+++ b/src/WINNT/afsrdr/kernel/lib/AFSNameSupport.cpp
@@ -1,6 +1,6 @@
 /*
  * Copyright (c) 2008, 2009, 2010, 2011 Kernel Drivers, LLC.
- * Copyright (c) 2009, 2010, 2011 Your File System, Inc.
+ * Copyright (c) 2009, 2010, 2011, 2015 Your File System, Inc.
  * All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -3657,6 +3657,8 @@ AFSParseName( IN PIRP Irp,
         {
 
             uniFullName.Length -= sizeof( WCHAR);
+
+           uniFullName.MaximumLength -= sizeof( WCHAR);
         }
 
         //
OpenAFS Master Repository