From 76da97ae2f7d2030d0257ac5e704bf9c6c40a15e Mon Sep 17 00:00:00 2001 From: Juan Lang Date: Wed, 7 Nov 2007 14:00:10 -0800 Subject: [PATCH] Fail decoding a CRL entry if the serial number is empty --- dlls/crypt32/decode.c | 6 ++++++ dlls/crypt32/tests/encode.c | 2 +- 2 files changed, 7 insertions(+), 1 deletions(-) diff --git a/dlls/crypt32/decode.c b/dlls/crypt32/decode.c index db2a3b3..8ceceac 100644 --- a/dlls/crypt32/decode.c +++ b/dlls/crypt32/decode.c @@ -1065,6 +1065,12 @@ static BOOL CRYPT_AsnDecodeCRLEntry(cons ret = CRYPT_AsnDecodeSequence(items, sizeof(items) / sizeof(items[0]), pbEncoded, cbEncoded, dwFlags, NULL, entry, pcbStructInfo, pcbDecoded, entry ? entry->SerialNumber.pbData : NULL); + if (ret && entry && !entry->SerialNumber.cbData) + { + WARN("empty CRL entry serial number\n"); + SetLastError(CRYPT_E_ASN1_CORRUPT); + ret = FALSE; + } return ret; } diff --git a/dlls/crypt32/tests/encode.c b/dlls/crypt32/tests/encode.c index 74ebe3c..82d0344 100644 --- a/dlls/crypt32/tests/encode.c +++ b/dlls/crypt32/tests/encode.c @@ -4269,7 +4269,7 @@ static void test_decodeCRLToBeSigned(DWO ret = CryptDecodeObjectEx(dwEncoding, X509_CERT_CRL_TO_BE_SIGNED, v1CRLWithIssuerAndEmptyEntry, v1CRLWithIssuerAndEmptyEntry[1] + 2, CRYPT_DECODE_ALLOC_FLAG, NULL, (BYTE *)&buf, &size); - todo_wine ok(!ret && GetLastError() == CRYPT_E_ASN1_CORRUPT, + ok(!ret && GetLastError() == CRYPT_E_ASN1_CORRUPT, "Expected CRYPT_E_ASN1_CORRUPT, got %08x\n", GetLastError()); /* with a real CRL entry */ ret = CryptDecodeObjectEx(dwEncoding, X509_CERT_CRL_TO_BE_SIGNED, -- 1.4.1