[ros-dev] Overrun in lib/rtl/acl.c and possible fix
Eric Kohl
eric.kohl at t-online.de
Wed Oct 6 18:29:37 CEST 2004
"art yerkes" <ayerkes at speakeasy.net> wrote:
> From current CVS, running in whole-page alloc mode, I see a buffer
> overrun in lib/rtl/acl.c early in the boot process. What I see is
> a few calls to RtlpAddKnownAce which slowly overgrow the available
> buffer. The following patch fixes it, but I don't know if it's
> right as I'm not sure if AclSize should be adjusted. The reason
> a patch like this is needed is that AclSize is checked against
> the size of the Sid to be copied in, but that size never changes
> so as many sids as desired could be copied in without the check
> at line 136 going off, thus overrunning available space.
Hi Art,
Modifying AclSize is a bad idea because it is the size of the ACL, including
unused buffer size, but not the size of unused buffer. I attached a patch
that checks whether the new ACE fits into the unused buffer space of the
ACL.
Regards,
Eric
-------------- next part --------------
A non-text attachment was scrubbed...
Name: acl.diff
Type: application/octet-stream
Size: 531 bytes
Desc: not available
Url : http://reactos.com:8080/pipermail/ros-dev/attachments/20041006/85c39c8d/acl.obj
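The check discussed in this thread, sketched as an added example; it is not the scrubbed acl.diff and not ReactOS code. The types and functions (acl_t, ace_hdr_t, acl_init, acl_used, fits_total_only, acl_add_ace) are hypothetical, simplified stand-ins: the total size stays fixed, and the space already used is found by walking the stored ACEs.

```c
#include <stdint.h>
#include <string.h>

/* Simplified stand-ins for the NT ACL and ACE headers (assumed layout,
   reduced to the fields the bounds check needs). */
typedef struct { uint8_t rev, sbz1; uint16_t acl_size, ace_count, sbz2; } acl_t;
typedef struct { uint8_t type, flags; uint16_t ace_size; } ace_hdr_t;

void acl_init(acl_t *acl, uint16_t total)
{
    memset(acl, 0, sizeof *acl);
    acl->acl_size = total;          /* whole buffer, used and unused */
}

/* Walk the stored ACEs and return the offset of the first unused byte,
   or 0 if an ACE header is malformed or runs past acl_size. */
size_t acl_used(const acl_t *acl)
{
    const uint8_t *base = (const uint8_t *)acl;
    size_t off = sizeof *acl;
    if (acl->acl_size < off) return 0;
    for (uint16_t i = 0; i < acl->ace_count; i++) {
        ace_hdr_t h;
        if (acl->acl_size - off < sizeof h) return 0;
        memcpy(&h, base + off, sizeof h);
        if (h.ace_size < sizeof h || h.ace_size > acl->acl_size - off) return 0;
        off += h.ace_size;
    }
    return off;
}

/* Model of the reported check: total size only, so it never starts failing. */
int fits_total_only(const acl_t *acl, size_t need) { return need <= acl->acl_size; }

/* Append header + 32-bit mask + SID bytes; 0 on success, -1 if no room. */
int acl_add_ace(acl_t *acl, uint8_t type, uint32_t mask, const void *sid, uint16_t sid_len)
{
    size_t need = sizeof(ace_hdr_t) + sizeof mask + sid_len;
    size_t used = acl_used(acl);
    if (used == 0 || need > (size_t)acl->acl_size - used) return -1;
    ace_hdr_t h = { type, 0, (uint16_t)need };
    uint8_t *p = (uint8_t *)acl + used;
    memcpy(p, &h, sizeof h);
    memcpy(p + sizeof h, &mask, sizeof mask);
    memcpy(p + sizeof h + sizeof mask, sid, sid_len);
    acl->ace_count++;
    return 0;
}
```

With a 64-byte buffer and 20-byte ACEs, the third append is refused while the total-size-only check would still pass it.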