PLIST_ENTRY ServiceEntry;
PSERVICE CurrentService;
+ ASSERT(lpService != NULL);
+ ASSERT(lpService->lpGroup != NULL);
+
dwError = RegOpenKeyExW(HKEY_LOCAL_MACHINE,
L"System\\CurrentControlSet\\Control\\GroupOrderList",
0,
NULL,
&cbDataSize);
- if (dwError != ERROR_MORE_DATA)
+ if (dwError != ERROR_SUCCESS && dwError != ERROR_MORE_DATA)
goto findFreeTag;
pdwGroupTags = HeapAlloc(GetProcessHeap(), 0, cbDataSize);
if (dwError != ERROR_SUCCESS)
goto findFreeTag;
- dwGroupTagCount = min(pdwGroupTags[0], cbDataSize / sizeof(pdwGroupTags[0]));
+ if (cbDataSize < sizeof(pdwGroupTags[0]))
+ goto findFreeTag;
+
+ dwGroupTagCount = min(pdwGroupTags[0], cbDataSize / sizeof(pdwGroupTags[0]) - 1);
findFreeTag:
do
ServiceEntry = lpService->ServiceListEntry.Flink;
while (ServiceEntry != &lpService->ServiceListEntry)
{
+ ASSERT(ServiceEntry != NULL);
CurrentService = CONTAINING_RECORD(ServiceEntry, SERVICE, ServiceListEntry);
if (CurrentService->lpGroup == lpService->lpGroup)
{
DPRINT("dwErrorControl = %lu\n", dwErrorControl);
DPRINT("lpBinaryPathName = %S\n", lpBinaryPathName);
DPRINT("lpLoadOrderGroup = %S\n", lpLoadOrderGroup);
+ DPRINT("lpdwTagId = %p\n", lpdwTagId);
if (ScmShutdown)
return ERROR_SHUTDOWN_IN_PROGRESS;
return ERROR_INVALID_PARAMETER;
}
+ if (lpdwTagId && (!lpLoadOrderGroup || !*lpLoadOrderGroup))
+ {
+ return ERROR_INVALID_PARAMETER;
+ }
+
/* Lock the service database exclusively */
ScmLockDatabaseExclusive();