crypt32: Fail decoding a CRL entry if the serial number is empty.
This commit is contained in:
Juan Lang
Alexandre Julliard
parent
571d75187a
commit
c5d5c5b63a
|
|
@ -1065,6 +1065,12 @@ static BOOL CRYPT_AsnDecodeCRLEntry(const BYTE *pbEncoded, DWORD cbEncoded,
|
||||||
ret = CRYPT_AsnDecodeSequence(items, sizeof(items) / sizeof(items[0]),
|
ret = CRYPT_AsnDecodeSequence(items, sizeof(items) / sizeof(items[0]),
|
||||||
pbEncoded, cbEncoded, dwFlags, NULL, entry, pcbStructInfo, pcbDecoded,
|
pbEncoded, cbEncoded, dwFlags, NULL, entry, pcbStructInfo, pcbDecoded,
|
||||||
entry ? entry->SerialNumber.pbData : NULL);
|
entry ? entry->SerialNumber.pbData : NULL);
|
||||||
|
if (ret && entry && !entry->SerialNumber.cbData)
|
||||||
|
{
|
||||||
|
WARN("empty CRL entry serial number\n");
|
||||||
|
SetLastError(CRYPT_E_ASN1_CORRUPT);
|
||||||
|
ret = FALSE;
|
||||||
|
}
|
||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -4269,7 +4269,7 @@ static void test_decodeCRLToBeSigned(DWORD dwEncoding)
|
||||||
ret = CryptDecodeObjectEx(dwEncoding, X509_CERT_CRL_TO_BE_SIGNED,
|
ret = CryptDecodeObjectEx(dwEncoding, X509_CERT_CRL_TO_BE_SIGNED,
|
||||||
v1CRLWithIssuerAndEmptyEntry, v1CRLWithIssuerAndEmptyEntry[1] + 2,
|
v1CRLWithIssuerAndEmptyEntry, v1CRLWithIssuerAndEmptyEntry[1] + 2,
|
||||||
CRYPT_DECODE_ALLOC_FLAG, NULL, (BYTE *)&buf, &size);
|
CRYPT_DECODE_ALLOC_FLAG, NULL, (BYTE *)&buf, &size);
|
||||||
todo_wine ok(!ret && GetLastError() == CRYPT_E_ASN1_CORRUPT,
|
ok(!ret && GetLastError() == CRYPT_E_ASN1_CORRUPT,
|
||||||
"Expected CRYPT_E_ASN1_CORRUPT, got %08x\n", GetLastError());
|
"Expected CRYPT_E_ASN1_CORRUPT, got %08x\n", GetLastError());
|
||||||
/* with a real CRL entry */
|
/* with a real CRL entry */
|
||||||
ret = CryptDecodeObjectEx(dwEncoding, X509_CERT_CRL_TO_BE_SIGNED,
|
ret = CryptDecodeObjectEx(dwEncoding, X509_CERT_CRL_TO_BE_SIGNED,
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue