From 661525c6064a1da91c7bbcd11a0c2ff5583f8b0f Mon Sep 17 00:00:00 2001
From: Juan Lang
Date: Fri, 28 Sep 2007 09:06:11 -0700
Subject: [PATCH] crypt32: Be more strict about format of serialized store files.
---
 dlls/crypt32/serialize.c | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/dlls/crypt32/serialize.c b/dlls/crypt32/serialize.c
index 2884a4c8077..281ac3fefd9 100644
--- a/dlls/crypt32/serialize.c
+++ b/dlls/crypt32/serialize.c
@@ -431,7 +431,11 @@ BOOL CRYPT_ReadSerializedStoreFromFile(HANDLE file, HCERTSTORE store)
 ret = ReadFile(file, fileHeaderBuf, sizeof(fileHeaderBuf), &read, NULL);
 if (ret)
 {
- if (!memcmp(fileHeaderBuf, fileHeader, read))
+ if (!read)
+ ; /* an empty file is okay */
+ else if (read != sizeof(fileHeaderBuf))
+ ret = FALSE;
+ else if (!memcmp(fileHeaderBuf, fileHeader, read))
 {
 WINE_CERT_PROP_HEADER propHdr;
 const void *context = NULL;
@@ -503,6 +507,8 @@ BOOL CRYPT_ReadSerializedStoreFromFile(HANDLE file, HCERTSTORE store)
 CryptMemFree(buf);
 ret = TRUE;
 }
+ else
+ ret = FALSE;
 }
 else
 ret = TRUE;
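Review bot: The new rejection path `else if (read != sizeof(fileHeaderBuf)) ret = FALSE;` fails without setting a last-error code, and the same holds for the `else ret = FALSE;` added in the second hunk. A caller that consults GetLastError() after a truncated or wrongly signed store file would then see whatever an earlier call left behind. Consider a braced `{ SetLastError(CRYPT_E_FILE_ERROR); ret = FALSE; }` at both sites; the exact code is a suggestion and should match whatever the rest of serialize.c reports for malformed input. Since `read` is now known to equal the buffer size, the comparison could also be written `memcmp(fileHeaderBuf, fileHeader, sizeof(fileHeaderBuf))`, which makes the full-header requirement visible at the call. The function body starts and ends outside this hunk.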
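Review bot: The trailing `else ret = TRUE;` kept as context at the end of this hunk still reports a failed ReadFile() as success, so an unreadable handle is indistinguishable from an empty store file even after the stricter header checks. If that leniency is intentional it deserves a comment such as `/* a read failure is treated like an empty store */`. Otherwise the branch could be dropped so that `ret` keeps the FALSE returned by ReadFile(). The function's return statement lies outside the hunk, so this assumes `ret` is returned unchanged afterwards.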