Added patch to fix invalid memory access in get_registry_locale_info.

2025-09-12 18:50:20 -07:00 · 2015-04-03 17:30:35 +02:00
parent a6bdf0d803
commit 70ca8ccdee
5 changed files with 83 additions and 15 deletions
--- a/patches/kernel32-get_registry_locale_info/0001-kernel32-Fix-calculation-of-returned-buffer-in-get_r.patch
+++ b/patches/kernel32-get_registry_locale_info/0001-kernel32-Fix-calculation-of-returned-buffer-in-get_r.patch
@@ -0,0 +1,46 @@
+From 702df8220cc4393c65e280d3706311dd0a41ded1 Mon Sep 17 00:00:00 2001
+From: Sebastian Lackner <sebastian@fds-team.de>
+Date: Fri, 3 Apr 2015 14:44:27 +0200
+Subject: kernel32: Fix calculation of returned buffer in
+ get_registry_locale_info.
+
+Fixes a regression introduced by 8826ba1bc86fefa22c543608585ae8f3b4310a5f.
+We cannot decide if we have to append a terminating null char unless we have queried again with a bigger buffer.
+---
+ dlls/kernel32/locale.c | 13 +++++++++++--
+ 1 file changed, 11 insertions(+), 2 deletions(-)
+
+diff --git a/dlls/kernel32/locale.c b/dlls/kernel32/locale.c
+index afc5b9d..7798b91 100644
+--- a/dlls/kernel32/locale.c
+++ b/dlls/kernel32/locale.c
+@@ -1177,6 +1177,17 @@ static INT get_registry_locale_info( struct registry_value *registry_value, LPWS
+ 
+         status = NtQueryValueKey( hkey, &nameW, KeyValuePartialInformation, info, size, &size );
+ 
+        /* try again with a bigger buffer when we have to return the correct size */
+        if (status == STATUS_BUFFER_OVERFLOW && !buffer && size > info_size)
+        {
+            KEY_VALUE_PARTIAL_INFORMATION *new_info;
+            if ((new_info = HeapReAlloc( GetProcessHeap(), 0, info, size )))
+            {
+                info = new_info;
+                status = NtQueryValueKey( hkey, &nameW, KeyValuePartialInformation, info, size, &size );
+            }
+        }
+
+         NtClose( hkey );
+ 
+         if (!status)
+@@ -1207,8 +1218,6 @@ static INT get_registry_locale_info( struct registry_value *registry_value, LPWS
+             if (status == STATUS_BUFFER_OVERFLOW && !buffer)
+             {
+                 ret = (size - info_size) / sizeof(WCHAR);
+-                if (!ret || ((WCHAR *)&info->Data)[ret-1])
+-                    ret++;
+             }
+             else if (status == STATUS_OBJECT_NAME_NOT_FOUND)
+             {
+-- 
+2.3.3
+
--- a/patches/kernel32-get_registry_locale_info/definition
+++ b/patches/kernel32-get_registry_locale_info/definition
@@ -0,0 +1 @@
+Fixes: [38344] Fix invalid memory access in get_registry_locale_info
--- a/patches/patchinstall.sh
+++ b/patches/patchinstall.sh
@@ -123,6 +123,7 @@ patch_enable_all ()
 	enable_kernel32_Profile="$1"
 	enable_kernel32_SetFileInformationByHandle="$1"
 	enable_kernel32_VerifyVersionInfo="$1"
+	enable_kernel32_get_registry_locale_info="$1"
 	enable_libs_Unicode_Collation="$1"
 	enable_makedep_PARENTSPEC="$1"
 	enable_mmdevapi_AEV_Stubs="$1"
@@ -435,6 +436,9 @@ patch_enable ()
 		kernel32-VerifyVersionInfo)
 			enable_kernel32_VerifyVersionInfo="$2"
 			;;
+		kernel32-get_registry_locale_info)
+			enable_kernel32_get_registry_locale_info="$2"
+			;;
 		libs-Unicode_Collation)
 			enable_libs_Unicode_Collation="$2"
 			;;
@@ -2607,20 +2611,6 @@ if test "$enable_kernel32_Console_Handles" -eq 1; then
 	) >> "$patchlist"
 fi

-# Patchset kernel32-SetFileInformationByHandle
-# |
-# | Modified files:
-# |   *	dlls/kernel32/file.c, include/winbase.h
-# |
-if test "$enable_kernel32_SetFileInformationByHandle" -eq 1; then
-	patch_apply kernel32-SetFileInformationByHandle/0001-include-Declare-a-couple-more-file-information-class.patch
-	patch_apply kernel32-SetFileInformationByHandle/0002-kernel32-Implement-SetFileInformationByHandle.patch
-	(
-		echo '+    { "Michael Müller", "include: Declare a couple more file information class structures.", 1 },';
-		echo '+    { "Michael Müller", "kernel32: Implement SetFileInformationByHandle.", 1 },';
-	) >> "$patchlist"
-fi
-
 # Patchset ntdll-FileDispositionInformation
 # |
 # | This patchset fixes the following Wine bugs:
@@ -2640,6 +2630,20 @@ if test "$enable_ntdll_FileDispositionInformation" -eq 1; then
 	) >> "$patchlist"
 fi

+# Patchset kernel32-SetFileInformationByHandle
+# |
+# | Modified files:
+# |   *	dlls/kernel32/file.c, include/winbase.h
+# |
+if test "$enable_kernel32_SetFileInformationByHandle" -eq 1; then
+	patch_apply kernel32-SetFileInformationByHandle/0001-include-Declare-a-couple-more-file-information-class.patch
+	patch_apply kernel32-SetFileInformationByHandle/0002-kernel32-Implement-SetFileInformationByHandle.patch
+	(
+		echo '+    { "Michael Müller", "include: Declare a couple more file information class structures.", 1 },';
+		echo '+    { "Michael Müller", "kernel32: Implement SetFileInformationByHandle.", 1 },';
+	) >> "$patchlist"
+fi
+
 # Patchset kernel32-CopyFileEx
 # |
 # | This patchset fixes the following Wine bugs:
@@ -2875,6 +2879,21 @@ if test "$enable_kernel32_VerifyVersionInfo" -eq 1; then
 	) >> "$patchlist"
 fi

+# Patchset kernel32-get_registry_locale_info
+# |
+# | This patchset fixes the following Wine bugs:
+# |   *	[#38344] Fix invalid memory access in get_registry_locale_info
+# |
+# | Modified files:
+# |   *	dlls/kernel32/locale.c
+# |
+if test "$enable_kernel32_get_registry_locale_info" -eq 1; then
+	patch_apply kernel32-get_registry_locale_info/0001-kernel32-Fix-calculation-of-returned-buffer-in-get_r.patch
+	(
+		echo '+    { "Sebastian Lackner", "kernel32: Fix calculation of returned buffer in get_registry_locale_info.", 1 },';
+	) >> "$patchlist"
+fi
+
 # Patchset libs-Unicode_Collation
 # |
 # | This patchset fixes the following Wine bugs:
				`@@ -0,0 +1 @@`
				`Fixes: [38344] Fix invalid memory access in get_registry_locale_info`