[Bug 20567] Uninitialised memory reference in RSAENH_CPImportKey
wine-bugs at winehq.org
wine-bugs at winehq.org
Wed Nov 4 13:06:34 CST 2009
http://bugs.winehq.org/show_bug.cgi?id=20567
--- Comment #5 from Juan Lang <juan_lang at yahoo.com> 2009-11-04 13:06:33 ---
Created an attachment (id=24551)
--> (http://bugs.winehq.org/attachment.cgi?id=24551)
Patch
Does this patch help?
I believe I see the source of the problem: a key of a given length doesn't
necessarily need that many bits to store. Consider the number 2: it's valid
as a 32-bit number, but it doesn't need more than 2 bits to store. When
exporting a key, the function mp_to_unsigned_bin writes one byte of a number at
a time to memory, and divides the number by 8 to discard the byte it just
wrote. It stops when the result of the division is zero: there are no
significant bytes remaining.
This patch makes sure to set to 0 the insignificant bytes. I don't know why
neglecting to do this didn't cause issues before, except if the memory was
implicitly zeroed (or unless my understanding is incorrect, which is perhaps
more likely.)
--
Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email
Do not reply to this email, post in Bugzilla using the
above URL to reply.
------- You are receiving this mail because: -------
You are watching all bug changes.
More information about the wine-bugs
mailing list