Juan Lang : crypt32: Avoid reading freed memory when encountering a cyclic chain.
Alexandre Julliard
julliard at winehq.org
Wed Feb 25 09:22:39 CST 2009
Module: wine
Branch: master
Commit: 4817fbc362daa4474e72874eb714dc387ed2e3f8
URL: http://source.winehq.org/git/wine.git/?a=commit;h=4817fbc362daa4474e72874eb714dc387ed2e3f8
Author: Juan Lang <juan.lang at gmail.com>
Date: Tue Feb 24 16:55:00 2009 -0800
crypt32: Avoid reading freed memory when encountering a cyclic chain.
---
dlls/crypt32/chain.c | 6 ++++++
1 files changed, 6 insertions(+), 0 deletions(-)
diff --git a/dlls/crypt32/chain.c b/dlls/crypt32/chain.c
index 5943117..2e414cd 100644
--- a/dlls/crypt32/chain.c
+++ b/dlls/crypt32/chain.c
@@ -306,7 +306,13 @@ static BOOL CRYPT_AddCertToSimpleChain(PCertificateChainEngine engine,
= subjectInfoStatus;
/* FIXME: initialize the rest of element */
if (!(chain->cElement % engine->CycleDetectionModulus))
+ {
CRYPT_CheckSimpleChainForCycles(chain);
+ /* Reinitialize the element pointer in case the chain is
+ * cyclic, in which case the chain is truncated.
+ */
+ element = chain->rgpElement[chain->cElement - 1];
+ }
CRYPT_CombineTrustStatus(&chain->TrustStatus,
&element->TrustStatus);
ret = TRUE;
More information about the wine-cvs
mailing list