From b7d26dc9f55e0f5bb1211d2c8f9ce0fea898221b Mon Sep 17 00:00:00 2001
From: Juan Lang <juan.lang@gmail.com>
Date: Mon, 8 Sep 2008 12:45:40 -0700
Subject: [PATCH] crypt32: Don't crash when asked to verify a signature before
 the content has been finalized.

---
 dlls/crypt32/msg.c | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/dlls/crypt32/msg.c b/dlls/crypt32/msg.c
index 54c5bb0fdd4..8312ff97ede 100644
--- a/dlls/crypt32/msg.c
+++ b/dlls/crypt32/msg.c
@@ -2554,6 +2554,11 @@ static BOOL CDecodeSignedMsg_VerifySignature(CDecodeMsg *msg, PCERT_INFO info)
     BOOL ret = FALSE;
     DWORD i;
 
+    if (!msg->u.signed_data.signerHandles)
+    {
+        SetLastError(NTE_BAD_SIGNATURE);
+        return FALSE;
+    }
     for (i = 0; !ret && i < msg->u.signed_data.info->cSignerInfo; i++)
     {
         PCMSG_CMS_SIGNER_INFO signerInfo =
@@ -2596,6 +2601,8 @@ static BOOL CDecodeSignedMsg_VerifySignatureEx(CDecodeMsg *msg,
         SetLastError(ERROR_INVALID_PARAMETER);
     else if (para->dwSignerIndex >= msg->u.signed_data.info->cSignerInfo)
         SetLastError(CRYPT_E_SIGNER_NOT_FOUND);
+    else if (!msg->u.signed_data.signerHandles)
+        SetLastError(NTE_BAD_SIGNATURE);
     else
     {
         switch (para->dwSignerType)