From a07b569b255477fe754dcc836c411ace8e6d1b7b Mon Sep 17 00:00:00 2001
From: Thomas Faber <thomas.faber@reactos.org>
Date: Tue, 12 Dec 2017 12:38:45 +0100
Subject: [PATCH] [NTOS:KD] Don't assume null termination in
 KdpSerialDebugPrint and KdpScreenPrint. CORE-14057 CORE-14103

---
 ntoskrnl/kd/kdio.c | 7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)

diff --git a/ntoskrnl/kd/kdio.c b/ntoskrnl/kd/kdio.c
index 3fedfd7ca5b..205842056ff 100644
--- a/ntoskrnl/kd/kdio.c
+++ b/ntoskrnl/kd/kdio.c
@@ -340,7 +340,7 @@ KdpSerialDebugPrint(LPSTR Message,
     }
 
     /* Output the message */
-    while (*pch != 0)
+    while (pch < Message + Length && *pch != '\0')
     {
         if (*pch == '\n')
         {
@@ -412,7 +412,7 @@ KdpScreenPrint(LPSTR Message,
     KIRQL OldIrql;
     PCHAR pch = (PCHAR) Message;
 
-    while (*pch)
+    while (pch < Message + Length && *pch)
     {
         if(*pch == '\b')
         {
@@ -584,9 +584,8 @@ KdpPrintString(
         _SEH2_TRY
         {
             ProbeForRead(UnsafeString, Length, 1);
-            String = _alloca(Length + 1);
+            String = _alloca(Length);
             RtlCopyMemory(String, UnsafeString, Length);
-            String[Length] = ANSI_NULL;
         }
         _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
         {
-- 
2.17.1