[rsaenh]: Correction for buffer size detection
Kees Cook
kees at outflux.net
Mon May 16 00:11:55 CDT 2005
This is a more correct patch. Apologies.
ChangeLog:
avoid segfault when detecting decryption buffer size.
--
Kees Cook @outflux.net
-------------- next part --------------
Index: dlls/rsaenh/rsaenh.c
===================================================================
RCS file: /home/wine/wine/dlls/rsaenh/rsaenh.c,v
retrieving revision 1.26
diff -u -p -r1.26 rsaenh.c
--- dlls/rsaenh/rsaenh.c 18 Apr 2005 15:36:21 -0000 1.26
+++ dlls/rsaenh/rsaenh.c 16 May 2005 05:10:28 -0000
@@ -1834,7 +1834,7 @@ BOOL WINAPI RSAENH_CPEncrypt(HCRYPTPROV
}
dwEncryptedLen = (*pdwDataLen/pCryptKey->dwBlockLen+(Final?1:0))*pCryptKey->dwBlockLen;
- for (i=*pdwDataLen; i<dwEncryptedLen; i++) pbData[i] = dwEncryptedLen - *pdwDataLen;
+ for (i=*pdwDataLen; i<dwEncryptedLen && i<dwBufLen; i++) pbData[i] = dwEncryptedLen - *pdwDataLen;
*pdwDataLen = dwEncryptedLen;
if (*pdwDataLen > dwBufLen)
More information about the wine-patches
mailing list