advapi32: Make sure not to return a credential with a NULL UserName field when a Mac Keychain doesn't have an account name attribute.
This commit is contained in:
parent
99c27e7da4
commit
d245e7978d
@ -250,6 +250,7 @@ static DWORD mac_read_credential_from_item(SecKeychainItemRef item, BOOL require
|
|||||||
void *cred_blob;
|
void *cred_blob;
|
||||||
LPWSTR domain = NULL;
|
LPWSTR domain = NULL;
|
||||||
LPWSTR user = NULL;
|
LPWSTR user = NULL;
|
||||||
|
BOOL user_name_present = FALSE;
|
||||||
SecKeychainAttributeInfo info;
|
SecKeychainAttributeInfo info;
|
||||||
SecKeychainAttributeList *attr_list;
|
SecKeychainAttributeList *attr_list;
|
||||||
UInt32 info_tags[] = { kSecServerItemAttr, kSecSecurityDomainItemAttr, kSecAccountItemAttr,
|
UInt32 info_tags[] = { kSecServerItemAttr, kSecSecurityDomainItemAttr, kSecAccountItemAttr,
|
||||||
@ -269,6 +270,19 @@ static DWORD mac_read_credential_from_item(SecKeychainItemRef item, BOOL require
|
|||||||
WARN("SecKeychainItemCopyAttributesAndData returned status %ld\n", status);
|
WARN("SecKeychainItemCopyAttributesAndData returned status %ld\n", status);
|
||||||
return ERROR_NOT_FOUND;
|
return ERROR_NOT_FOUND;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
for (i = 0; i < attr_list->count; i++)
|
||||||
|
if (attr_list->attr[i].tag == kSecAccountItemAttr && attr_list->attr[i].data)
|
||||||
|
{
|
||||||
|
user_name_present = TRUE;
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
if (!user_name_present)
|
||||||
|
{
|
||||||
|
WARN("no kSecAccountItemAttr for item\n");
|
||||||
|
return ERROR_NOT_FOUND;
|
||||||
|
}
|
||||||
|
|
||||||
if (buffer)
|
if (buffer)
|
||||||
{
|
{
|
||||||
credential->Flags = 0;
|
credential->Flags = 0;
|
||||||
|
Loading…
x
Reference in New Issue
Block a user