advapi32: increase robustness for incorrect api usage
Michael Jung
mjung at iss.tu-darmstadt.de
Tue Mar 29 15:45:05 CST 2005
The attached patch fixes the advapi32 related crash in the "Uru - Ages Beyond
Myst Demo" installer.
When a context is released, the corresponding heap based struct variable is
zero'ed before being released. When the CryptDestroyHash function is called,
the corresponding context is checked if it was already being zero'ed out.
Note that a heap location is read, which has already been released. However,
this only happens in case of incorrect api usage. This is not guaranteed to
work, but it should be more robust.
I suspect that windows does it in a similar way. Looking at the actual values
of HCRYPTHASH variables shows that those are addresses in WinXP SP2.
Considering this, I think that the only 100% clean way to implement this
behaviour would be to have a list of currently existing hash and key objects
in the context, which then would be marked invalid when the context is
released.
If this patch is applied, I will look into advapi32 to find similar places
where this scheme should be implemented. If the patch is rejected, it would
be nice to get some feedback on how people think it should be done correctly.
Changelog:
Make advapi32 more robust in case of incorrect api usage
Bye,
--
Michael Jung
mjung at iss.tu-darmstadt.de
-------------- next part --------------
A non-text attachment was scrubbed...
Name: dlls_advapi32_crypt_c_2.diff
Type: text/x-diff
Size: 1736 bytes
Desc: not available
Url : http://www.winehq.org/pipermail/wine-patches/attachments/20050329/ed4584c9/dlls_advapi32_crypt_c_2.bin
More information about the wine-patches
mailing list