rsaenh: Fix crash in RSAENH_CPVerifySignature if pbSignature is set to NULL or if dwSigLen is lesser than the expected value.
This commit is contained in:
parent
2e9fa34d67
commit
e61eddd6a5
|
@ -3611,6 +3611,21 @@ BOOL WINAPI RSAENH_CPVerifySignature(HCRYPTPROV hProv, HCRYPTHASH hHash, CONST B
|
||||||
return FALSE;
|
return FALSE;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/* in Microsoft implementation, the signature length is checked before
|
||||||
|
* the signature pointer.
|
||||||
|
*/
|
||||||
|
if (dwSigLen != pCryptKey->dwKeyLen)
|
||||||
|
{
|
||||||
|
SetLastError(NTE_BAD_SIGNATURE);
|
||||||
|
return FALSE;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!hHash || !pbSignature)
|
||||||
|
{
|
||||||
|
SetLastError(ERROR_INVALID_PARAMETER);
|
||||||
|
return FALSE;
|
||||||
|
}
|
||||||
|
|
||||||
if (sDescription) {
|
if (sDescription) {
|
||||||
if (!RSAENH_CPHashData(hProv, hHash, (CONST BYTE*)sDescription,
|
if (!RSAENH_CPHashData(hProv, hHash, (CONST BYTE*)sDescription,
|
||||||
(DWORD)lstrlenW(sDescription)*sizeof(WCHAR), 0))
|
(DWORD)lstrlenW(sDescription)*sizeof(WCHAR), 0))
|
||||||
|
|
|
@ -1043,6 +1043,18 @@ static void test_verify_signature(void) {
|
||||||
ok(result, "%08x\n", GetLastError());
|
ok(result, "%08x\n", GetLastError());
|
||||||
if (!result) return;
|
if (!result) return;
|
||||||
|
|
||||||
|
/*check that a NULL pointer signature is correctly handled*/
|
||||||
|
result = CryptVerifySignature(hHash, NULL, 128, hPubSignKey, NULL, 0);
|
||||||
|
ok(!result && ERROR_INVALID_PARAMETER == GetLastError(),
|
||||||
|
"Expected ERROR_INVALID_PARAMETER error, got %08x\n", GetLastError());
|
||||||
|
if (result) return;
|
||||||
|
|
||||||
|
/* check that we get a bad signature error when the signature is too short*/
|
||||||
|
result = CryptVerifySignature(hHash, abSignatureMD2, 64, hPubSignKey, NULL, 0);
|
||||||
|
ok(!result && NTE_BAD_SIGNATURE == GetLastError(),
|
||||||
|
"Expected NTE_BAD_SIGNATURE error, got %08x\n", GetLastError());
|
||||||
|
if (result) return;
|
||||||
|
|
||||||
result = CryptVerifySignature(hHash, abSignatureMD2, 128, hPubSignKey, NULL, 0);
|
result = CryptVerifySignature(hHash, abSignatureMD2, 128, hPubSignKey, NULL, 0);
|
||||||
ok(result, "%08x\n", GetLastError());
|
ok(result, "%08x\n", GetLastError());
|
||||||
if (!result) return;
|
if (!result) return;
|
||||||
|
|
Loading…
Reference in New Issue