Replace std::unique_ptr<T[]> with HeapArray for:
rlz/win/lib/machine_id_win.cc We need to replace occurrences of std::unique_ptr<T[]> with base::HeapArray<T>. Using std::unique_ptr<T[]> does not automatically preserve the size of the allocation. This forces a need for ad-hoc bounds checks, leading to bugs which attackers use to compromise our users. https://docs.google.com/document/d/1YsPR8GoN8VTP1ABKCISaQkuBif1Cn80cTxTjsM8QT4s/edit Fixed: 326458437 Change-Id: Ieb0c0d4499dcf8fe66671772ddedb9c4c04c62b2 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5737759 Reviewed-by: Sylvain Defresne <sdefresne@chromium.org> Commit-Queue: Sylvain Defresne <sdefresne@chromium.org> Auto-Submit: Ari Chivukula <arichiv@chromium.org> Cr-Commit-Position: refs/heads/main@{#1332898}

committed by
Chromium LUCI CQ

parent
d79d1f97f2
commit
3dd5eb19b8
@ -14,6 +14,7 @@
|
||||
#include <memory>
|
||||
#include <string>
|
||||
|
||||
#include "base/containers/heap_array.h"
|
||||
#include "base/strings/utf_string_conversions.h"
|
||||
#include "rlz/lib/assert.h"
|
||||
|
||||
@ -48,14 +49,15 @@ bool GetSystemVolumeSerialNumber(int* number) {
|
||||
bool GetComputerSid(const wchar_t* account_name, SID* sid, DWORD sid_size) {
|
||||
static const DWORD kStartDomainLength = 128; // reasonable to start with
|
||||
|
||||
std::unique_ptr<wchar_t[]> domain_buffer(new wchar_t[kStartDomainLength]);
|
||||
base::HeapArray<wchar_t> domain_buffer =
|
||||
base::HeapArray<wchar_t>::Uninit(kStartDomainLength);
|
||||
DWORD domain_size = kStartDomainLength;
|
||||
DWORD sid_dword_size = sid_size;
|
||||
SID_NAME_USE sid_name_use;
|
||||
|
||||
BOOL success = ::LookupAccountNameW(NULL, account_name, sid,
|
||||
&sid_dword_size, domain_buffer.get(),
|
||||
&domain_size, &sid_name_use);
|
||||
BOOL success =
|
||||
::LookupAccountNameW(NULL, account_name, sid, &sid_dword_size,
|
||||
domain_buffer.data(), &domain_size, &sid_name_use);
|
||||
if (!success && ::GetLastError() == ERROR_INSUFFICIENT_BUFFER) {
|
||||
// We could have gotten the insufficient buffer error because
|
||||
// one or both of sid and szDomain was too small. Check for that
|
||||
@ -64,11 +66,11 @@ bool GetComputerSid(const wchar_t* account_name, SID* sid, DWORD sid_size) {
|
||||
return false;
|
||||
|
||||
if (domain_size > kStartDomainLength)
|
||||
domain_buffer.reset(new wchar_t[domain_size]);
|
||||
domain_buffer = base::HeapArray<wchar_t>::Uninit(domain_size);
|
||||
|
||||
success = ::LookupAccountNameW(NULL, account_name, sid, &sid_dword_size,
|
||||
domain_buffer.get(), &domain_size,
|
||||
&sid_name_use);
|
||||
success =
|
||||
::LookupAccountNameW(NULL, account_name, sid, &sid_dword_size,
|
||||
domain_buffer.data(), &domain_size, &sid_name_use);
|
||||
}
|
||||
|
||||
return success != FALSE;
|
||||
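Review bot: The length passed to `::LookupAccountNameW` is still the hand-maintained `domain_size` rather than `domain_buffer.size()`, at both call sites, so the move to `base::HeapArray` does not yet tie the API's write bound to the real allocation. Before each call, derive it from the container, e.g. `domain_size = base::checked_cast<DWORD>(domain_buffer.size());` (from `base/numerics/safe_conversions.h`). This also covers the retry path where the buffer is not reallocated because `domain_size <= kStartDomainLength`, and where the value left in `domain_size` is whatever the first call wrote back. `Uninit()` leaves the contents indeterminate, which looks harmless here because the domain text is never read in the visible lines, but a short comment such as `// Domain name is required by the API but unused; contents are never read.` would keep a later change from reading it after a failed call. Part of GetComputerSid lies between the two hunks and is not shown, so the `sid` size handling there is not reviewed.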
|