fix overflow hidden by broken WideCharToMultiByte
Christoph von Wittich
Christoph at ApiViewer.de
Sat Jun 27 18:46:05 CDT 2009
---
dlls/advapi32/crypt.c | 10 ++++++++++
1 files changed, 10 insertions(+), 0 deletions(-)
diff --git a/dlls/advapi32/crypt.c b/dlls/advapi32/crypt.c
index d1fc25d..28c1f64 100644
--- a/dlls/advapi32/crypt.c
+++ b/dlls/advapi32/crypt.c
@@ -1202,6 +1202,10 @@ BOOL WINAPI CryptEnumProvidersA (DWORD dwIndex, DWORD *pdwReserved,
TRACE("(%d, %p, %08x, %p, %p, %p)\n", dwIndex, pdwReserved, dwFlags,
pdwProvType, pszProvName, pcbProvName);
+
+ if (*pcbProvName > INT_MAX)
+ *pcbProvName = INT_MAX;
+
if(!CryptEnumProvidersW(dwIndex, pdwReserved, dwFlags, pdwProvType, NULL, &bufsize))
return FALSE;
if ( pszProvName && !(str = CRYPT_Alloc(bufsize)) )
@@ -1331,6 +1335,9 @@ BOOL WINAPI CryptEnumProviderTypesA (DWORD dwIndex, DWORD *pdwReserved,
TRACE("(%d, %p, %08x, %p, %p, %p)\n", dwIndex, pdwReserved, dwFlags,
pdwProvType, pszTypeName, pcbTypeName);
+ if (*pcbTypeName > INT_MAX)
+ *pcbTypeName = INT_MAX;
+
if(!CryptEnumProviderTypesW(dwIndex, pdwReserved, dwFlags, pdwProvType, NULL, &bufsize))
return FALSE;
if ( pszTypeName && !(str = CRYPT_Alloc(bufsize)) )
@@ -1530,6 +1537,9 @@ BOOL WINAPI CryptGetDefaultProviderA (DWORD dwProvType, DWORD *pdwReserved,
TRACE("(%d, %p, %08x, %p, %p)\n", dwProvType, pdwReserved, dwFlags, pszProvName, pcbProvName);
+ if (*pcbProvName > INT_MAX)
+ *pcbProvName = INT_MAX;
+
CryptGetDefaultProviderW(dwProvType, pdwReserved, dwFlags, NULL, &bufsize);
if ( pszProvName && !(str = CRYPT_Alloc(bufsize)) )
{
--
1.6.1.9.g97c34
--------------070403010909050400030607--
More information about the wine-patches
mailing list