RE: RE: [SPAM] RE: SecLookupAccountSid code section crashing

> -----Original Message-----

From: [mailto:bounce-459256-] On Behalf Of Tim Roberts
Sent: Tuesday, June 14, 2011 7:21 PM
To: Windows System Software Devs Interest List
Subject: Re: [ntdev] RE: [SPAM] RE: SecLookupAccountSid code section

Ah, we just wrote almost the same in parallel :wink:

The documentation for SecLookupAccountSid is very confusing. If I were
writing that API, I would have allowed NULL for NameBuffer when NameSize
was 0. The description implies that NameSize is both input and output,
although the annotation says __out. Iā€™m also not clear on why NameSize
and DomainSize are present at all, since a UNICODE_STRING always
includes a maximum length field.

Exactly. I quickly looked to the implementation (Win7) and it is like this. Both sizes are output only and code checks for String->MaximumLength.


NOTE: The information in this message is intended for the personal and confidential use of the designated recipient(s) named above. To the extent the recipient(s) is/are bound by a non-disclosure agreement, or other agreement that contains an obligation of confidentiality, with AuthenTec, then this message and/or any attachments shall be considered confidential information and subject to the confidentiality terms of that agreement. If the reader of this message is not the intended recipient named above, you are notified that you have received this document in error, and any review, dissemination, distribution or copying of this message is strictly prohibited. If you have received this document in error, please delete the original message and notify the sender immediately.
Thank You!
AuthenTec, Inc.