From: Thomas Faber <thomas.faber@reactos.org>
Date: Wed, 20 Feb 2019 11:21:03 +0000 (+0100)
Subject: [NTOS:PNP] Correctly respect data size in PnpRegSzToString. CORE-15766
X-Git-Tag: 0.4.13-dev~365
X-Git-Url: https://git.reactos.org/?p=reactos.git;a=commitdiff_plain;h=cf40421041eeea92a29520a9d04868cb804239ca;ds=sidebyside

[NTOS:PNP] Correctly respect data size in PnpRegSzToString. CORE-15766

Spotted by Vadim Galyant.
---

diff --git a/ntoskrnl/io/pnpmgr/pnputil.c b/ntoskrnl/io/pnpmgr/pnputil.c
index 3ed75b2c071..8f173041871 100644
--- a/ntoskrnl/io/pnpmgr/pnputil.c
+++ b/ntoskrnl/io/pnpmgr/pnputil.c
@@ -175,11 +175,20 @@ PnpRegSzToString(IN PWCHAR RegSzData,
     PWCHAR p, pp;
 
     /* Find the end */
-    pp = RegSzData + RegSzLength;
-    for (p = RegSzData; p < pp; p++) if (!*p) break;
+    pp = RegSzData + RegSzLength / sizeof(WCHAR);
+    for (p = RegSzData; p < pp; p++)
+    {
+        if (!*p)
+        {
+            break;
+        }
+    }
 
-    /* Return it */
-    if (StringLength) *StringLength = (USHORT)(p - RegSzData) * sizeof(WCHAR);
+    /* Return the length. Truncation can happen but is of no consequence. */
+    if (StringLength)
+    {
+        *StringLength = (USHORT)(p - RegSzData) * sizeof(WCHAR);
+    }
     return TRUE;
 }