crypt32: fix crash in CertGetCertificateContextProperty when
querying length of a hash property
Mounir IDRASSI
mounir.idrassi at idrix.fr
Sun May 13 17:25:04 CDT 2007
Hi,
This patch corrects a crash that occur when we call
CertGetCertificateContextProperty with a pvData set to NULL in order to
get the length of hash property. The bug is located in the internal
function CertContext_GetHashProp.
It also adds in the tests a call to this function with a NULL pvData
parameter.
Mounir IDRASSI
IDRIX - Cryptography and IT Security Experts
http://www.idrix.fr
-------------- next part --------------
>From 2accaeff71801b49f35da4cb8f4f991506429d05 Mon Sep 17 00:00:00 2001
From: Mounir IDRASSI <mounir.idrassi at idrix.fr>
Date: Sun, 13 May 2007 23:38:46 +0200
Subject: crypt32: fix crash in CertGetCertificateContextProperty when querying length of a hash property
---
dlls/crypt32/cert.c | 2 +-
dlls/crypt32/tests/cert.c | 7 +++++++
2 files changed, 8 insertions(+), 1 deletions(-)
diff --git a/dlls/crypt32/cert.c b/dlls/crypt32/cert.c
index 884c2da..3912447 100644
--- a/dlls/crypt32/cert.c
+++ b/dlls/crypt32/cert.c
@@ -158,7 +158,7 @@ static BOOL CertContext_GetHashProp(void *context, DWORD dwPropId,
{
BOOL ret = CryptHashCertificate(0, algID, 0, toHash, toHashLen, pvData,
pcbData);
- if (ret)
+ if (ret && pvData)
{
CRYPT_DATA_BLOB blob = { *pcbData, pvData };
diff --git a/dlls/crypt32/tests/cert.c b/dlls/crypt32/tests/cert.c
index cdc6cfb..5c17e94 100644
--- a/dlls/crypt32/tests/cert.c
+++ b/dlls/crypt32/tests/cert.c
@@ -294,18 +294,25 @@ static void checkHash(const BYTE *data, DWORD dataLen, ALG_ID algID,
BYTE hash[20] = { 0 }, hashProperty[20];
BOOL ret;
DWORD size;
+ DWORD dwSizeWithNull;
memset(hash, 0, sizeof(hash));
memset(hashProperty, 0, sizeof(hashProperty));
size = sizeof(hash);
ret = CryptHashCertificate(0, algID, 0, data, dataLen, hash, &size);
ok(ret, "CryptHashCertificate failed: %08x\n", GetLastError());
+ ret = CertGetCertificateContextProperty(context, propID, NULL,
+ &dwSizeWithNull);
+ ok(ret, "CertGetCertificateContextProperty failed: %08x\n",
+ GetLastError());
ret = CertGetCertificateContextProperty(context, propID, hashProperty,
&size);
ok(ret, "CertGetCertificateContextProperty failed: %08x\n",
GetLastError());
ok(!memcmp(hash, hashProperty, size), "Unexpected hash for property %d\n",
propID);
+ ok(size == dwSizeWithNull, "Unexpected length of hash for property: received %d instead of %d\n",
+ dwSizeWithNull,size);
}
static WCHAR cspNameW[] = { 'W','i','n','e','C','r','y','p','t','T','e','m','p',0 };
--
1.4.4.2
More information about the wine-patches
mailing list