[rsaenh]: Correction for buffer size detection

Kees Cook kees at outflux.net
Mon May 16 00:11:55 CDT 2005


This is a more correct patch.  Apologies.

ChangeLog:
	avoid segfault when detecting decryption buffer size.

-- 
Kees Cook                                            @outflux.net
-------------- next part --------------
Index: dlls/rsaenh/rsaenh.c
===================================================================
RCS file: /home/wine/wine/dlls/rsaenh/rsaenh.c,v
retrieving revision 1.26
diff -u -p -r1.26 rsaenh.c
--- dlls/rsaenh/rsaenh.c	18 Apr 2005 15:36:21 -0000	1.26
+++ dlls/rsaenh/rsaenh.c	16 May 2005 05:10:28 -0000
@@ -1834,7 +1834,7 @@ BOOL WINAPI RSAENH_CPEncrypt(HCRYPTPROV 
         }
 
         dwEncryptedLen = (*pdwDataLen/pCryptKey->dwBlockLen+(Final?1:0))*pCryptKey->dwBlockLen;
-        for (i=*pdwDataLen; i<dwEncryptedLen; i++) pbData[i] = dwEncryptedLen - *pdwDataLen;
+        for (i=*pdwDataLen; i<dwEncryptedLen && i<dwBufLen; i++) pbData[i] = dwEncryptedLen - *pdwDataLen;
         *pdwDataLen = dwEncryptedLen; 
 
         if (*pdwDataLen > dwBufLen) 


More information about the wine-patches mailing list