[2/2] secur32: Correctly deal with cbBuffer

André Hentschel nerv at dawncrow.de
Tue Aug 27 15:18:08 CDT 2013


---
 dlls/secur32/schannel.c       | 5 +++++
 dlls/secur32/tests/schannel.c | 2 --
 2 files changed, 5 insertions(+), 2 deletions(-)

diff --git a/dlls/secur32/schannel.c b/dlls/secur32/schannel.c
index 240062f..e4a9ec9 100644
--- a/dlls/secur32/schannel.c
+++ b/dlls/secur32/schannel.c
@@ -792,6 +792,9 @@ static SECURITY_STATUS SEC_ENTRY schan_InitializeSecurityContextW(
     dump_buffer_desc(pInput);
     dump_buffer_desc(pOutput);
 
+    if (pOutput && (!pOutput->cBuffers || !pOutput->pBuffers[0].cbBuffer))
+        return SEC_E_INSUFFICIENT_MEMORY;
+
     if (!phContext)
     {
         ULONG_PTR handle;
@@ -891,6 +894,8 @@ static SECURITY_STATUS SEC_ENTRY schan_InitializeSecurityContextW(
 
     /* Perform the TLS handshake */
     ret = schan_imp_handshake(ctx->session);
+    if (ret != SEC_E_OK)
+        pOutput->pBuffers[0].cbBuffer = 0;
 
     if(transport.in.offset && transport.in.offset != pInput->pBuffers[0].cbBuffer) {
         if(pInput->cBuffers<2 || pInput->pBuffers[1].BufferType!=SECBUFFER_EMPTY)
diff --git a/dlls/secur32/tests/schannel.c b/dlls/secur32/tests/schannel.c
index e0d550c..d443868 100644
--- a/dlls/secur32/tests/schannel.c
+++ b/dlls/secur32/tests/schannel.c
@@ -699,13 +699,11 @@ static void test_communication(void)
             ISC_REQ_CONFIDENTIALITY|ISC_REQ_STREAM,
             0, 0, &buffers[1], 0, NULL, &buffers[0], &attrs, NULL);
     ok(status == SEC_E_INVALID_TOKEN, "Expected SEC_E_INVALID_TOKEN, got %08x\n", status);
-todo_wine
     ok(buffers[0].pBuffers[0].cbBuffer == 0, "Output buffer size was not set to 0.\n");
 
     status = pInitializeSecurityContextA(&cred_handle, &context, (SEC_CHAR *)"localhost",
             ISC_REQ_CONFIDENTIALITY|ISC_REQ_STREAM,
             0, 0, &buffers[1], 0, NULL, &buffers[0], &attrs, NULL);
-todo_wine
     ok(status == SEC_E_INSUFFICIENT_MEMORY || status == SEC_E_INVALID_TOKEN,
        "Expected SEC_E_INSUFFICIENT_MEMORY or SEC_E_INVALID_TOKEN, got %08x\n", status);
 
-- 
1.8.1.2



More information about the wine-patches mailing list