rsaenh: Validate pad byte when decrypting a block cipher
Juan Lang
juan.lang at gmail.com
Tue Sep 11 14:45:24 CDT 2007
--Juan
-------------- next part --------------
From 0c3d3ac1c80407d4949204f4c441e2994a8b156e Mon Sep 17 00:00:00 2001
From: Juan Lang <juan.lang at gmail.com>
Date: Tue, 11 Sep 2007 12:44:26 -0700
Subject: [PATCH] Validate pad byte when decrypting a block cipher
---
dlls/rsaenh/rsaenh.c | 11 ++++++++++-
1 files changed, 10 insertions(+), 1 deletions(-)
diff --git a/dlls/rsaenh/rsaenh.c b/dlls/rsaenh/rsaenh.c
index 4002f27..6d71a86 100644
--- a/dlls/rsaenh/rsaenh.c
+++ b/dlls/rsaenh/rsaenh.c
@@ -2080,7 +2080,16 @@ BOOL WINAPI RSAENH_CPDecrypt(HCRYPTPROV
}
memcpy(in, out, pCryptKey->dwBlockLen);
}
- if (Final) *pdwDataLen -= pbData[*pdwDataLen-1];
+ if (Final) {
+ if (pbData[*pdwDataLen-1] &&
+ pbData[*pdwDataLen-1] <= pCryptKey->dwBlockLen &&
+ pbData[*pdwDataLen-1] < *pdwDataLen)
+ *pdwDataLen -= pbData[*pdwDataLen-1];
+ else {
+ SetLastError(NTE_BAD_DATA);
+ return FALSE;
+ }
+ }
} else if (GET_ALG_TYPE(pCryptKey->aiAlgid) == ALG_TYPE_STREAM) {
encrypt_stream_impl(pCryptKey->aiAlgid, &pCryptKey->context, pbData, *pdwDataLen);
--
1.4.1
More information about the wine-patches
mailing list