crypt32: Add parameter validation.

Zhiyi Zhang zzhang at codeweavers.com
Thu Jul 2 01:33:25 CDT 2020 


On 7/2/20 1:53 PM, Zhipeng Zhao wrote:
>
>
> 0001-crypt32-Add-parameter-validation.patch
>
> From 63c44d4282ecdbb233bf3c26463336d08ca04ea3 Mon Sep 17 00:00:00 2001
> From: Zhipeng Zhao <zhaozhipeng at uniontech.com>
> Date: Thu, 2 Jul 2020 13:47:26 +0800
> Subject: [PATCH] crypt32: Add parameter validation.
>
> Signed-off-by: Zhipeng Zhao <zhaozhipeng at uniontech.com>
> ---
>  dlls/crypt32/msg.c | 18 ++++++++++++++++++
>  1 file changed, 18 insertions(+)
>
> diff --git a/dlls/crypt32/msg.c b/dlls/crypt32/msg.c
> index f591a5e72e..42cb9d0e31 100644
> --- a/dlls/crypt32/msg.c
> +++ b/dlls/crypt32/msg.c
> @@ -3660,6 +3660,12 @@ BOOL WINAPI CryptMsgClose(HCRYPTMSG hCryptMsg)
>  BOOL WINAPI CryptMsgUpdate(HCRYPTMSG hCryptMsg, const BYTE *pbData,
>   DWORD cbData, BOOL fFinal)
>  {
> +    if (!hCryptMsg)
> +    {
> +        SetLastError(E_INVALIDARG);
> +        return FALSE;
> +    }
> +
>      CryptMsgBase *msg = hCryptMsg;
This makes the msg declarationno longer at the beginning of a block.
See https://wiki.winehq.org/Developer_Hints#Using_only_C89-compliant_code

What application needs this change? If hCryptMsg really needs to be checked
against NULL, there are many more functions that make use of the handle.
Maybe you should add a helper for it.

And please add tests for this change.

Thanks,
Zhiyi
>  
>      TRACE("(%p, %p, %d, %d)\n", hCryptMsg, pbData, cbData, fFinal);
> @@ -3670,6 +3676,12 @@ BOOL WINAPI CryptMsgUpdate(HCRYPTMSG hCryptMsg, const BYTE *pbData,
>  BOOL WINAPI CryptMsgGetParam(HCRYPTMSG hCryptMsg, DWORD dwParamType,
>   DWORD dwIndex, void *pvData, DWORD *pcbData)
>  {
> +    if (!hCryptMsg)
> +    {
> +        SetLastError(E_INVALIDARG);
> +        return FALSE;
> +    }
> +
>      CryptMsgBase *msg = hCryptMsg;
>  
>      TRACE("(%p, %d, %d, %p, %p)\n", hCryptMsg, dwParamType, dwIndex,
> @@ -3680,6 +3692,12 @@ BOOL WINAPI CryptMsgGetParam(HCRYPTMSG hCryptMsg, DWORD dwParamType,
>  BOOL WINAPI CryptMsgControl(HCRYPTMSG hCryptMsg, DWORD dwFlags,
>   DWORD dwCtrlType, const void *pvCtrlPara)
>  {
> +    if (!hCryptMsg)
> +    {
> +        SetLastError(E_INVALIDARG);
> +        return FALSE;
> +    }
> +
>      CryptMsgBase *msg = hCryptMsg;
>  
>      TRACE("(%p, %08x, %d, %p)\n", hCryptMsg, dwFlags, dwCtrlType,

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.winehq.org/pipermail/wine-devel/attachments/20200702/12dbf2d0/attachment.htm>

More information about the wine-devel mailing list