Merge pull request #2 from JohnLaTwC/patch-1

Fix potential buffer overrun in credguard disable
2026-06-08 16:37:12 +00:00 · 2021-12-08 18:18:19 +01:00
parent f3147ecb8a 7c6eb8173d
commit 7587511330
1 changed files with 2 additions and 2 deletions
@@ -54,7 +54,7 @@ DWORD WINAPI disableCredGuardByPatchingLSASS(void) {
    BOOL returnStatus = FALSE;
    TCHAR szModulename[MAX_PATH];
    for (DWORD i = 0; i < (lpcbNeeded / sizeof(HMODULE)); i++) {
-        if (hModulesArray[i] && !GetModuleFileNameEx(hLsass, hModulesArray[i], szModulename, sizeof(szModulename))) {
+        if (hModulesArray[i] && !GetModuleFileNameEx(hLsass, hModulesArray[i], szModulename, _countof(szModulename))) {
            _tprintf(TEXT("[!] Cred Guard bypass non fatal error: couldn't get module name for module at index 0x%lx (GetModuleFileNameEx, error code 0x%lx)\n"), i, GetLastError());
            continue;
        }
@@ -167,4 +167,4 @@ DWORD WINAPI disableCredGuardByPatchingLSASS(void) {
    CloseHandle(hLsass);
    return returnStatus;
-}
+}