Merge pull request #898 from yosuke-wolfssl/f_404_405

ejohnstown · web-flow · commit d9db2a635c5e · 2026-04-02T14:44:20.000-07:00
Fix f_404 and f_405
diff --git a/apps/wolfsshd/auth.c b/apps/wolfsshd/auth.c
@@ -787,17 +787,17 @@ static int CheckPasswordWIN(const char* usr, const byte* pw, word32 pwSz, WOLFSS
 
     ret = WSSHD_AUTH_SUCCESS;
 
-    usrWSz = WSTRLEN(usr) * sizeof(WCHAR);
+    usrWSz = WSTRLEN(usr);
 
-    usrW = (WCHAR*)WMALLOC((usrWSz * sizeof(WCHAR)) + sizeof(WCHAR), authCtx->heap, DYNTYPE_SSHD);
+    usrW = (WCHAR*)WMALLOC((usrWSz + 1) * sizeof(WCHAR), authCtx->heap, DYNTYPE_SSHD);
     if (usrW == NULL) {
         wolfSSH_Log(WS_LOG_ERROR, "[SSHD] Ran out of memory");
         ret = WSSHD_AUTH_FAILURE;
     }
 
     if (ret == WSSHD_AUTH_SUCCESS) {
         size_t wr = 0;
-        if (mbstowcs_s(&wr, usrW, usrWSz, usr, usrWSz-1) != 0) {
+        if (mbstowcs_s(&wr, usrW, usrWSz + 1, usr, usrWSz) != 0) {
             ret = WSSHD_AUTH_FAILURE;
         }
     }
@@ -946,7 +946,7 @@ static int SetupUserTokenWin(const char* usr,
 
             /* write domain name after the user name in buffer */
             l->DomainName.Length = (USHORT)(wcslen(dmW) * sizeof(wchar_t));
-            l->DomainName.MaximumLength = l->UserPrincipalName.Length;
+            l->DomainName.MaximumLength = l->DomainName.Length;
             l->DomainName.Buffer = (WCHAR*)((byte*)(l->UserPrincipalName.Buffer) + l->UserPrincipalName.Length);
             memcpy_s(l->DomainName.Buffer, l->DomainName.Length, dmW, l->DomainName.Length);
         }

Original file line number	Diff line number	Diff line change
`@@ -787,17 +787,17 @@ static int CheckPasswordWIN(const char* usr, const byte* pw, word32 pwSz, WOLFSS`
`787`	`787`
`788`	`788`	`ret = WSSHD_AUTH_SUCCESS;`
`789`	`789`
`790`		`- usrWSz = WSTRLEN(usr) * sizeof(WCHAR);`
	`790`	`+ usrWSz = WSTRLEN(usr);`
`791`	`791`
`792`		`- usrW = (WCHAR)WMALLOC((usrWSz sizeof(WCHAR)) + sizeof(WCHAR), authCtx->heap, DYNTYPE_SSHD);`
	`792`	`+ usrW = (WCHAR)WMALLOC((usrWSz + 1) sizeof(WCHAR), authCtx->heap, DYNTYPE_SSHD);`
`793`	`793`	`if (usrW == NULL) {`
`794`	`794`	`wolfSSH_Log(WS_LOG_ERROR, "[SSHD] Ran out of memory");`
`795`	`795`	`ret = WSSHD_AUTH_FAILURE;`
`796`	`796`	`}`
`797`	`797`
`798`	`798`	`if (ret == WSSHD_AUTH_SUCCESS) {`
`799`	`799`	`size_t wr = 0;`
`800`		`- if (mbstowcs_s(&wr, usrW, usrWSz, usr, usrWSz-1) != 0) {`
	`800`	`+ if (mbstowcs_s(&wr, usrW, usrWSz + 1, usr, usrWSz) != 0) {`
`801`	`801`	`ret = WSSHD_AUTH_FAILURE;`
`802`	`802`	`}`
`803`	`803`	`}`
`@@ -946,7 +946,7 @@ static int SetupUserTokenWin(const char* usr,`
`946`	`946`
`947`	`947`	`/* write domain name after the user name in buffer */`
`948`	`948`	`l->DomainName.Length = (USHORT)(wcslen(dmW) * sizeof(wchar_t));`
`949`		`- l->DomainName.MaximumLength = l->UserPrincipalName.Length;`
	`949`	`+ l->DomainName.MaximumLength = l->DomainName.Length;`
`950`	`950`	`l->DomainName.Buffer = (WCHAR)((byte)(l->UserPrincipalName.Buffer) + l->UserPrincipalName.Length);`
`951`	`951`	`memcpy_s(l->DomainName.Buffer, l->DomainName.Length, dmW, l->DomainName.Length);`
`952`	`952`	`}`