From 5d8d9e7d08836698d9f55153cece7c006f7c1751 Mon Sep 17 00:00:00 2001
From: Juan Lang <juan.lang@gmail.com>
Date: Fri, 10 Aug 2007 11:20:24 -0700
Subject: [PATCH] crypt32: Validate parameters better in CryptDecodeObject.

---
 dlls/crypt32/decode.c | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/dlls/crypt32/decode.c b/dlls/crypt32/decode.c
index c6f7305a985..7c50b27acce 100644
--- a/dlls/crypt32/decode.c
+++ b/dlls/crypt32/decode.c
@@ -4138,6 +4138,16 @@ BOOL WINAPI CryptDecodeObject(DWORD dwCertEncodingType, LPCSTR lpszStructType,
         SetLastError(ERROR_INVALID_PARAMETER);
         return FALSE;
     }
+    if (!cbEncoded)
+    {
+        SetLastError(CRYPT_E_ASN1_EOD);
+        return FALSE;
+    }
+    if (cbEncoded > MAX_ENCODED_LEN)
+    {
+        SetLastError(CRYPT_E_ASN1_LARGE);
+        return FALSE;
+    }
 
     if (!(pCryptDecodeObjectEx = CRYPT_GetBuiltinDecoder(dwCertEncodingType,
      lpszStructType)))