"Dan Kegel" <[EMAIL PROTECTED]> writes:

> Without this patch, NtAccessCheck() references uninitialized
> memory (it seems to send the entire ACL with the user's
> length to the server, not just sizeof(ACL)). This showed up as
> valgrind errors when running "make test" in advapi32.
> I suppose the right fix might be to send just sizeof(ACL) bytes
> to the server, but I wouldn't know, and initializing all
> the bytes given by the caller seems innocuous enough.

It isn't innocuous; if Windows doesn't do it then it's quite likely that apps will pass a too large size. We've had that kind of problem in some other places already.

-- 
Alexandre Julliard
[EMAIL PROTECTED]