Added patch to improve invalid paramater handling in NtAccessCheck.

patches/ntdll-NtAccessCheck/0001-ntdll-Improve-invalid-paramater-handling-in-NtAccess.patch

@@ -0,0 +1,77 @@
+From 77f149959058b5e45a2fd462b5077ae417bc5857 Mon Sep 17 00:00:00 2001
+From: Qian Hong <qhong@codeweavers.com>
+Date: Tue, 16 Feb 2016 04:53:12 +0800
+Subject: ntdll: Improve invalid paramater handling in NtAccessCheck.
+
+Signed-off-by: Qian Hong <qhong@codeweavers.com>
+---
+ dlls/advapi32/tests/security.c |  8 --------
+ dlls/ntdll/sec.c               | 11 ++++++++++-
+ 2 files changed, 10 insertions(+), 9 deletions(-)
+
+diff --git a/dlls/advapi32/tests/security.c b/dlls/advapi32/tests/security.c
+index 8b86d45..698a9aa 100644
+--- a/dlls/advapi32/tests/security.c
++++ b/dlls/advapi32/tests/security.c
+@@ -1429,10 +1429,8 @@ static void test_AccessCheck(void)
+     ret = AccessCheck(SecurityDescriptor, Token, KEY_READ, &Mapping,
+                       0, &PrivSetLen, &Access, &AccessStatus);
+     err = GetLastError();
+-todo_wine
+     ok(!ret && err == ERROR_INSUFFICIENT_BUFFER, "AccessCheck should have "
+        "failed with ERROR_INSUFFICIENT_BUFFER, instead of %d\n", err);
+-todo_wine
+     ok(PrivSetLen == sizeof(PRIVILEGE_SET), "PrivSetLen returns %d\n", PrivSetLen);
+     ok(Access == 0x1abe11ed && AccessStatus == 0x1abe11ed,
+        "Access and/or AccessStatus were changed!\n");
+@@ -1483,12 +1481,9 @@ todo_wine
+     ret = AccessCheck(SecurityDescriptor, Token, KEY_READ, &Mapping,
+                       PrivSet, &PrivSetLen, &Access, &AccessStatus);
+     err = GetLastError();
+-todo_wine
+     ok(!ret && err == ERROR_INSUFFICIENT_BUFFER, "AccessCheck should have "
+        "failed with ERROR_INSUFFICIENT_BUFFER, instead of %d\n", err);
+-todo_wine
+     ok(PrivSetLen == sizeof(PRIVILEGE_SET), "PrivSetLen returns %d\n", PrivSetLen);
+-todo_wine
+     ok(Access == 0x1abe11ed && AccessStatus == 0x1abe11ed,
+        "Access and/or AccessStatus were changed!\n");
+ 
+@@ -1600,12 +1595,9 @@ todo_wine
+         ret = AccessCheck(SecurityDescriptor, Token, KEY_READ, &Mapping,
+                           PrivSet, &PrivSetLen, &Access, &AccessStatus);
+         err = GetLastError();
+-    todo_wine
+         ok(!ret && err == ERROR_INSUFFICIENT_BUFFER, "AccessCheck should have "
+            "failed with ERROR_INSUFFICIENT_BUFFER, instead of %d\n", err);
+-    todo_wine
+         ok(PrivSetLen == sizeof(PRIVILEGE_SET), "PrivSetLen returns %d\n", PrivSetLen);
+-    todo_wine
+         ok(Access == 0x1abe11ed && AccessStatus == 0x1abe11ed,
+            "Access and/or AccessStatus were changed!\n");
+ 
+diff --git a/dlls/ntdll/sec.c b/dlls/ntdll/sec.c
+index 125c86e..c32ae0c 100644
+--- a/dlls/ntdll/sec.c
++++ b/dlls/ntdll/sec.c
+@@ -1586,7 +1586,16 @@ NtAccessCheck(
+         SecurityDescriptor, ClientToken, DesiredAccess, GenericMapping,
+         PrivilegeSet, ReturnLength, GrantedAccess, AccessStatus);
+ 
+-    if (!PrivilegeSet || !ReturnLength)
++    if (!ReturnLength)
++        return STATUS_ACCESS_VIOLATION;
++
++    if (*ReturnLength == 0)
++    {
++        *ReturnLength = sizeof(PRIVILEGE_SET);
++        return STATUS_BUFFER_TOO_SMALL;
++    }
++
++    if (!PrivilegeSet)
+         return STATUS_ACCESS_VIOLATION;
+ 
+     SERVER_START_REQ( access_check )
+-- 
+2.7.1
+

patches/ntdll-NtAccessCheck/definition

@@ -0,0 +1 @@
+Fixes: Improve invalid paramater handling in NtAccessCheck