You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
There is a bug in the createWindowsDACL() function where the memory allocation for the DACL is incorrectly calculated. This miscalculation leads to insufficient memory allocation for the ACCESS_ALLOWED_ACE structures, potentially causing buffer overflows and undefined behavior when these structures are used.
Expected Behavior
The function should allocate sufficient memory for the DACL by including the size of the ACCESS_ALLOWED_ACE structure for each ACE in the total memory calculation. The correct calculation should sum up the sizes of the ACL, all ACCESS_ALLOWED_ACE structures, and the SIDs involved.
Actual Behavior
The current implementation of the createWindowsDACL() function incorrectly calculates the total memory required for the DACL. The existing code is:
Overview
There is a bug in the
createWindowsDACL()
function where the memory allocation for the DACL is incorrectly calculated. This miscalculation leads to insufficient memory allocation for theACCESS_ALLOWED_ACE
structures, potentially causing buffer overflows and undefined behavior when these structures are used.Expected Behavior
The function should allocate sufficient memory for the DACL by including the size of the
ACCESS_ALLOWED_ACE
structure for each ACE in the total memory calculation. The correct calculation should sum up the sizes of the ACL, allACCESS_ALLOWED_ACE
structures, and the SIDs involved.Actual Behavior
The current implementation of the
createWindowsDACL()
function incorrectly calculates the total memory required for the DACL. The existing code is:This calculation mistakenly adds the size of ACCESS_ALLOWED_ACE twice while adding the lengths of all three SIDs.
Context
Discovered during code review
The text was updated successfully, but these errors were encountered: