> -----Original Message-----
From: xxxxx@lists.osr.com [mailto:bounce-459277-
xxxxx@lists.osr.com] On Behalf Of xxxxx@yahoo.com
Sent: Tuesday, June 14, 2011 9:13 PM
To: Windows System Software Devs Interest List
Subject: RE:[ntdev] Re: RE: [SPAM] RE: SecLookupAccountSid code section
crashingZeroing out the owner before the first call to SecLookupAccountSid() seems
to be working thank you very much for that. I assumed that the variable
wouldnt have mattered if its size wasn’t large enough to hold the owner, but
assuming is bad and I agree I think you should be able to just pass NULL in
there or the function create the string itself to hold it.
Have you tried it? Should work.
Initializing every variable is a good idea in any case and in this one variable is marked as __inout so it should be taken as mandatory. Don’t assume, be safe, instead.
>This is also wrong:
>owner.Length = (USHORT)ownerSize + 1; /// for the ‘\0’
>UNICODE_STRING is UNICODE so you have to add sizeof(WCHAR);
>adding one byte doesn’t make sense.
Thank you that answers another question I had.
Anyway, later I realized it doesn’t make sense at all. Function gives you complete size of string buffer including trailing zero so no need to add anything. Also, there may not be trailing zero at all, it is not mandatory for UNICODE_STRINGs.
Michal
NOTE: The information in this message is intended for the personal and confidential use of the designated recipient(s) named above. To the extent the recipient(s) is/are bound by a non-disclosure agreement, or other agreement that contains an obligation of confidentiality, with AuthenTec, then this message and/or any attachments shall be considered confidential information and subject to the confidentiality terms of that agreement. If the reader of this message is not the intended recipient named above, you are notified that you have received this document in error, and any review, dissemination, distribution or copying of this message is strictly prohibited. If you have received this document in error, please delete the original message and notify the sender immediately.
Thank You!
AuthenTec, Inc. http://www.authentec.com/