There is a bug in the definition of LSH_DLGINFO_EX_V1_SZ in 2.6.3 and possibly earlier versions.
The define is:
    #define LSH_DLGINFO_EX_V1_SZ (sizeof(DWORD) + 3 * sizeof(LPSTR) * 8 * sizeof(int))
In fact, it should be:
    #define LSH_DLGINFO_EX_V1_SZ (sizeof(DWORD) + 3 * sizeof(LPSTR) + 8 * sizeof(int))
The size of the V1 structure should be 48 bytes but due to the typo, it thinks the size is 388 bytes.
The source in lsh_pwd.c should probably read:
  if ((lpdi->size != LSH_DLGINFO_EX_V1_SZ && 
       lpdi->size != sizeof(LSH_DLGINFO_EX)
       lpdi-_size != 388) ||
       lpdi->dlgtype != DLGTYPE_PASSWD) {
to allow existing applications not to generate error messages when the source is updated or when working with versions of the client which use the broken definition.
Pierre Goyette
Senior Director, R&D
Hummingbird Ltd.
Montreal, Quebec, Canada