ReceiveTempSMS
/
Sweden-Number
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

crypt32: Don't leak buffer when a unicode string contains an invalid character.

This commit is contained in:
Juan Lang 2007-11-01 10:07:11 -07:00 committed by Alexandre Julliard
parent b9e78cc637
commit f64d600494
1 changed files with 30 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

45
dlls/crypt32/encode.c
View File

@ -1579,16 +1579,19 @@ static BOOL CRYPT_AsnEncodeNumericString(const CERT_NAME_VALUE *value,
pbEncoded, pcbEncoded, bytesNeeded))) pbEncoded, pcbEncoded, bytesNeeded)))
{ {
DWORD i; DWORD i;
BYTE *ptr;
if (dwFlags & CRYPT_ENCODE_ALLOC_FLAG) if (dwFlags & CRYPT_ENCODE_ALLOC_FLAG)
pbEncoded = *(BYTE **)pbEncoded; ptr = *(BYTE **)pbEncoded;
*pbEncoded++ = ASN_NUMERICSTRING; else
CRYPT_EncodeLen(encodedLen, pbEncoded, &lenBytes); ptr = pbEncoded;
pbEncoded += lenBytes; *ptr++ = ASN_NUMERICSTRING;
CRYPT_EncodeLen(encodedLen, ptr, &lenBytes);
ptr += lenBytes;
for (i = 0; ret && i < encodedLen; i++) for (i = 0; ret && i < encodedLen; i++)
{ {
if (isdigitW(str[i])) if (isdigitW(str[i]))
*pbEncoded++ = (BYTE)str[i]; *ptr++ = (BYTE)str[i];
else else
{ {
*pcbEncoded = i; *pcbEncoded = i;
@ -1596,6 +1599,8 @@ static BOOL CRYPT_AsnEncodeNumericString(const CERT_NAME_VALUE *value,
ret = FALSE; ret = FALSE;
} }
} }
if (!ret && (dwFlags & CRYPT_ENCODE_ALLOC_FLAG))
CryptMemFree(*(BYTE **)pbEncoded);
} }
} }
return ret; return ret;
@ -1628,16 +1633,19 @@ static BOOL CRYPT_AsnEncodePrintableString(const CERT_NAME_VALUE *value,
pbEncoded, pcbEncoded, bytesNeeded))) pbEncoded, pcbEncoded, bytesNeeded)))
{ {
DWORD i; DWORD i;
BYTE *ptr;
if (dwFlags & CRYPT_ENCODE_ALLOC_FLAG) if (dwFlags & CRYPT_ENCODE_ALLOC_FLAG)
pbEncoded = *(BYTE **)pbEncoded; ptr = *(BYTE **)pbEncoded;
*pbEncoded++ = ASN_PRINTABLESTRING; else
CRYPT_EncodeLen(encodedLen, pbEncoded, &lenBytes); ptr = pbEncoded;
pbEncoded += lenBytes; *ptr++ = ASN_PRINTABLESTRING;
CRYPT_EncodeLen(encodedLen, ptr, &lenBytes);
ptr += lenBytes;
for (i = 0; ret && i < encodedLen; i++) for (i = 0; ret && i < encodedLen; i++)
{ {
if (isprintableW(str[i])) if (isprintableW(str[i]))
*pbEncoded++ = (BYTE)str[i]; *ptr++ = (BYTE)str[i];
else else
{ {
*pcbEncoded = i; *pcbEncoded = i;
@ -1645,6 +1653,8 @@ static BOOL CRYPT_AsnEncodePrintableString(const CERT_NAME_VALUE *value,
ret = FALSE; ret = FALSE;
} }
} }
if (!ret && (dwFlags & CRYPT_ENCODE_ALLOC_FLAG))
CryptMemFree(*(BYTE **)pbEncoded);
} }
} }
return ret; return ret;
@ -1670,16 +1680,19 @@ static BOOL CRYPT_AsnEncodeIA5String(const CERT_NAME_VALUE *value,
pbEncoded, pcbEncoded, bytesNeeded))) pbEncoded, pcbEncoded, bytesNeeded)))
{ {
DWORD i; DWORD i;
BYTE *ptr;
if (dwFlags & CRYPT_ENCODE_ALLOC_FLAG) if (dwFlags & CRYPT_ENCODE_ALLOC_FLAG)
pbEncoded = *(BYTE **)pbEncoded; ptr = *(BYTE **)pbEncoded;
*pbEncoded++ = ASN_IA5STRING; else
CRYPT_EncodeLen(encodedLen, pbEncoded, &lenBytes); ptr = pbEncoded;
pbEncoded += lenBytes; *ptr++ = ASN_IA5STRING;
CRYPT_EncodeLen(encodedLen, ptr, &lenBytes);
ptr += lenBytes;
for (i = 0; ret && i < encodedLen; i++) for (i = 0; ret && i < encodedLen; i++)
{ {
if (str[i] <= 0x7f) if (str[i] <= 0x7f)
*pbEncoded++ = (BYTE)str[i]; *ptr++ = (BYTE)str[i];
else else
{ {
*pcbEncoded = i; *pcbEncoded = i;
@ -1687,6 +1700,8 @@ static BOOL CRYPT_AsnEncodeIA5String(const CERT_NAME_VALUE *value,
ret = FALSE; ret = FALSE;
} }
} }
if (!ret && (dwFlags & CRYPT_ENCODE_ALLOC_FLAG))
CryptMemFree(*(BYTE **)pbEncoded);
} }
} }
return ret; return ret;