[NTOSKRNL]
authorCameron Gutman <aicommander@gmail.com>
Fri, 18 Jun 2010 21:57:07 +0000 (21:57 +0000)
committerCameron Gutman <aicommander@gmail.com>
Fri, 18 Jun 2010 21:57:07 +0000 (21:57 +0000)
- Fix a string termination bug in the device interface code
- Thanks to janderwald for spotting the bug

svn path=/trunk/; revision=47801

reactos/ntoskrnl/io/iomgr/deviface.c

index a9b5e47..dcc086e 100644 (file)
@@ -105,18 +105,20 @@ OpenRegistryHandlesFromSymbolicLink(IN PUNICODE_STRING SymbolicLinkName,
         goto cleanup;
     }
 
-    SubKeyName.Buffer = ExAllocatePool(PagedPool, SymbolicLinkName->Length);
+    SubKeyName.MaximumLength = SymbolicLinkName->Length + sizeof(WCHAR);
+    SubKeyName.Length = 0;
+    SubKeyName.Buffer = ExAllocatePool(PagedPool, SubKeyName.MaximumLength);
     if (!SubKeyName.Buffer)
     {
         Status = STATUS_INSUFFICIENT_RESOURCES;
         goto cleanup;
     }
-    SubKeyName.MaximumLength = SymbolicLinkName->Length;
-    SubKeyName.Length = 0;
 
     RtlAppendUnicodeStringToString(&SubKeyName,
                                    SymbolicLinkName);
 
+    SubKeyName.Buffer[SubKeyName.Length / sizeof(WCHAR)] = UNICODE_NULL;
+
     SubKeyName.Buffer[0] = L'#';
     SubKeyName.Buffer[1] = L'#';
     SubKeyName.Buffer[2] = L'?';