[PATCH] crypt32: Handle NULL ptr leak in CryptDecodeObjectEx (Coverity)

Sat Jan 31 05:57:36 CST 2009

Hi,

CID 595, a NULL pvStructInfo could later be unsafely dereferenced
in the function. Avoid it.

Ciao, Marcus
---
 dlls/crypt32/decode.c |    7 ++++++-
 1 files changed, 6 insertions(+), 1 deletions(-)

diff --git a/dlls/crypt32/decode.c b/dlls/crypt32/decode.c
index cda8b62..d69057c 100644
--- a/dlls/crypt32/decode.c
+++ b/dlls/crypt32/decode.c
@@ -5468,8 +5468,13 @@ BOOL WINAPI CryptDecodeObjectEx(DWORD dwCertEncodingType, LPCSTR lpszStructType,
     }
 
     SetLastError(NOERROR);
-    if (dwFlags & CRYPT_DECODE_ALLOC_FLAG && pvStructInfo)
+    if (dwFlags & CRYPT_DECODE_ALLOC_FLAG) {
+        if (!pvStructInfo) {
+            SetLastError(ERROR_INVALID_PARAMETER);
+            return FALSE;
+        }
         *(BYTE **)pvStructInfo = NULL;
+    }
     decodeFunc = CRYPT_GetBuiltinDecoder(dwCertEncodingType, lpszStructType);
     if (!decodeFunc)
     {
-- 
1.5.6

