Juan Lang : crypt32: Ensure temporary string is NULL-terminated to avoid uninitialized memory access (valgrind).
Alexandre Julliard
julliard at winehq.org
Thu Jan 20 12:41:20 CST 2011
Module: wine
Branch: master
Commit: 862eab28201ca4e2c4705b112f9b5c0a0516522c
URL: http://source.winehq.org/git/wine.git/?a=commit;h=862eab28201ca4e2c4705b112f9b5c0a0516522c
Author: Juan Lang <juan.lang at gmail.com>
Date: Wed Jan 19 12:21:24 2011 -0800
crypt32: Ensure temporary string is NULL-terminated to avoid uninitialized memory access (valgrind).
---
dlls/crypt32/str.c | 7 ++++++-
1 files changed, 6 insertions(+), 1 deletions(-)
diff --git a/dlls/crypt32/str.c b/dlls/crypt32/str.c
index 9d814df..81e9ec3 100644
--- a/dlls/crypt32/str.c
+++ b/dlls/crypt32/str.c
@@ -789,7 +789,7 @@ static BOOL CRYPT_EncodeValueWithType(DWORD dwCertEncodingType,
LONG i;
LPWSTR ptr;
- nameValue.Value.pbData = CryptMemAlloc((value->end - value->start) *
+ nameValue.Value.pbData = CryptMemAlloc((value->end - value->start + 1) *
sizeof(WCHAR));
if (!nameValue.Value.pbData)
{
@@ -803,6 +803,11 @@ static BOOL CRYPT_EncodeValueWithType(DWORD dwCertEncodingType,
if (value->start[i] == '"')
i++;
}
+ /* The string is NULL terminated because of a quirk in encoding
+ * unicode names values: if the length is given as 0, the value is
+ * assumed to be a NULL-terminated string.
+ */
+ *ptr = 0;
nameValue.Value.cbData = (LPBYTE)ptr - nameValue.Value.pbData;
}
ret = CryptEncodeObjectEx(dwCertEncodingType, X509_UNICODE_NAME_VALUE,
More information about the wine-cvs
mailing list