RtlUpcaseUnicodeString(): Allow also non-zero-terminable 'DestinationString'

diff --git a/ntoskrnl/rtl/unicode.c b/ntoskrnl/rtl/unicode.c
index e4797e1..38cfa22 100644 (file)
--- a/ntoskrnl/rtl/unicode.c
+++ b/ntoskrnl/rtl/unicode.c
@@ -1274,6 +1274,14 @@ RtlUpcaseUnicodeChar(IN WCHAR Source)
 }
 
 
+/*
+ * If 'AllocateDestinationString==TRUE' we return zero-terminated 'DestinationString' 
+ * with: DestinationString->MaximumLength=SourceString->Length+sizeof(WCHAR)
+ * If 'AllocateDestinationString==FALSE' we try to zero-terminate the passed 'DestinationString'
+ * but we will succeed with no termination if: SourceString->Length==DestinationString->MaximumLength
+ * Any zero-termination-related behaviour is undocumented by W32,
+ * is 'DestinationString' required to be zero-terminated at all? Dunno.
+ */
 NTSTATUS STDCALL
 RtlUpcaseUnicodeString(IN OUT PUNICODE_STRING DestinationString,
                       IN PUNICODE_STRING SourceString,
@@ -1294,7 +1302,7 @@ RtlUpcaseUnicodeString(IN OUT PUNICODE_STRING DestinationString,
     }
   else
     {
-      if (SourceString->Length >= DestinationString->MaximumLength)
+      if (SourceString->Length > DestinationString->MaximumLength)
        return(STATUS_BUFFER_TOO_SMALL);
     }
   DestinationString->Length = SourceString->Length;
@@ -1307,7 +1315,9 @@ RtlUpcaseUnicodeString(IN OUT PUNICODE_STRING DestinationString,
       Dest++;
       Src++;
     }
-  *Dest = 0;
+  /* We may get pre-allocated 'DestinationString' with no space for the terminator! */
+  if (SourceString->Length+sizeof(WCHAR) <= DestinationString->MaximumLength)
+    *Dest = 0;
   
   return(STATUS_SUCCESS);
 }