| commit | e8fd99043a05583108ed461c797f09f9b0999224 | |
| author | Niklas Therning <niklas@therning.org> | |
| Wed, 31 Aug 2016 16:40:41 +0000 (31 18:40 +0200) | ||
| committer | Niklas Therning <niklas@therning.org> | |
| Wed, 31 Aug 2016 17:11:24 +0000 (31 19:11 +0200) | ||
| tree | 1c190ddf65625413fdff425711236fbff675bc63 | treesnapshot (tar.gz zip) |
| parent | 07f9a6fc173efc6e0c6718603981be12442b75bc | commitdiff |
Fixes two heap corruptions in the corlib tests on Windows
The patch of mono/metadata/marshal.c makes sure that
Marshal.StringToHGlobalAnsi() allocates a memory area for the returned C
string which is at least as large as the length of the string object. This is
the behavior on non-Windows platforms. Without this patch the
MarshalTest.StringToHGlobalAnsiWithNullValues() test wrote outside of a memory
area and corrupted the heap which later on caused a heap corruption crash when
running the corlib test suite on Windows.
The patch of mono/metadata/mono-security.c fixes the freeing of the memory
returned by GetNamedSecurityInfoW(). When GetNamedSecurityInfoW() is used to
request a DACL one must also pass an argument for the ppSecurityDescriptor
parameter and this is the one that should be freed later on, not the pointer
to the DACL as the original code used to free. Before this patch
DSACryptoServiceProviderTest.UseMachineKeyStore() crashed because of a heap
corruption.
The patch of mono/metadata/marshal.c makes sure that
Marshal.StringToHGlobalAnsi() allocates a memory area for the returned C
string which is at least as large as the length of the string object. This is
the behavior on non-Windows platforms. Without this patch the
MarshalTest.StringToHGlobalAnsiWithNullValues() test wrote outside of a memory
area and corrupted the heap which later on caused a heap corruption crash when
running the corlib test suite on Windows.
The patch of mono/metadata/mono-security.c fixes the freeing of the memory
returned by GetNamedSecurityInfoW(). When GetNamedSecurityInfoW() is used to
request a DACL one must also pass an argument for the ppSecurityDescriptor
parameter and this is the one that should be freed later on, not the pointer
to the DACL as the original code used to free. Before this patch
DSACryptoServiceProviderTest.UseMachineKeyStore() crashed because of a heap
corruption.
| mono/metadata/marshal.c | diffblobblamehistory | |
| mono/metadata/mono-security.c | diffblobblamehistory |