On 20 September 2010 17:51, Mike Frysinger <vap...@gentoo.org> wrote:
> well, i dont think this issue is limited to shell32. it's just the only one
> to hit it atm. what about my other patch i posted ?
> http://www.winehq.org/pipermail/wine-patches/2010-September/093377.html

How does fortify work?

See http://blogs.msdn.com/b/oldnewthing/archive/2004/08/26/220873.aspx
for information on how to allocate these structures. Specifically:

    PTOKEN_GROUPS TokenGroups =
        malloc(FIELD_OFFSET(TOKEN_GROUPS, Groups[NumberOfGroups]));

The article explains that:

    PTOKEN_GROUPS TokenGroups =
        malloc(sizeof(TOKEN_GROUPS) +
               NumberOfGroups * sizeof(SID_AND_ATTRIBUTES));

crashes on 64-bit platforms with STATUS_DATATYPE_MISALIGNMENT due to
the data being placed on a 4-byte, not 8-byte, boundary.

Is the shell32 code running into something similar -- that is, are the
calculations for the allocated memory blocks using these ANYSIZE_ARRAY
structures wrong?

- Reece
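
Added example, not part of the original message: the size arithmetic behind the two allocation expressions quoted above, using stand-in structs `entry_t` and `groups_t` (assumed names and layout mirroring SID_AND_ATTRIBUTES and TOKEN_GROUPS) so it builds without the Windows headers. `offsetof(groups_t, Groups) + n * sizeof(entry_t)` is the portable spelling of `FIELD_OFFSET(groups_t, Groups[n])`, and both helpers reject counts whose byte size would overflow `size_t`.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Stand-ins (assumed layout) for SID_AND_ATTRIBUTES and TOKEN_GROUPS. */
typedef struct { void *Sid; uint32_t Attributes; } entry_t;
typedef struct { uint32_t GroupCount; entry_t Groups[1]; /* ANYSIZE_ARRAY */ } groups_t;

/* Bytes up to the end of Groups[n-1]; returns 0 if the size would overflow. */
size_t size_by_offset(size_t n)
{
    size_t base = offsetof(groups_t, Groups);
    if (n > (SIZE_MAX - base) / sizeof(entry_t))
        return 0;
    return base + n * sizeof(entry_t);
}

/* sizeof(groups_t) + n entries; counts the declared Groups[0] a second time.
 * Returns 0 if the size would overflow. */
size_t size_by_sizeof(size_t n)
{
    if (n > (SIZE_MAX - sizeof(groups_t)) / sizeof(entry_t))
        return 0;
    return sizeof(groups_t) + n * sizeof(entry_t);
}

/* Allocate a zeroed block for n entries and record the count. */
groups_t *groups_alloc(size_t n)
{
    size_t bytes = size_by_offset(n);
    groups_t *g;
    if (bytes == 0 || n > UINT32_MAX)
        return NULL;
    /* Never allocate less than the declared struct, so n == 0 stays safe. */
    g = calloc(1, bytes < sizeof(groups_t) ? sizeof(groups_t) : bytes);
    if (g)
        g->GroupCount = (uint32_t)n;
    return g;
}

int main(void)
{
    printf("n=4: offset-based %zu, sizeof-based %zu\n",
           size_by_offset(4), size_by_sizeof(4));
    return 0;
}
```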