From fe678927dd12ba597d4886418cd72f194954f7fa Mon Sep 17 00:00:00 2001 From: Hans Leidekker Date: Mon, 19 Aug 2013 15:52:44 +0200 Subject: [PATCH] winhttp: Fix invalid parameter handling in WinHttpQueryAuthSchemes. --- dlls/winhttp/request.c | 11 +++++- dlls/winhttp/tests/winhttp.c | 72 +++++++++++++++++++++++++++++++----- 2 files changed, 72 insertions(+), 11 deletions(-) diff --git a/dlls/winhttp/request.c b/dlls/winhttp/request.c index 00c2238870e..35a0deb6419 100644 --- a/dlls/winhttp/request.c +++ b/dlls/winhttp/request.c @@ -1270,12 +1270,14 @@ static BOOL query_auth_schemes( request_t *request, DWORD level, LPDWORD support return FALSE; } scheme = auth_scheme_from_header( buffer ); + heap_free( buffer ); + if (!scheme) break; + if (first && index == 1) *first = *supported = scheme; else *supported |= scheme; - heap_free( buffer ); ret = TRUE; } return ret; @@ -1302,6 +1304,13 @@ BOOL WINAPI WinHttpQueryAuthSchemes( HINTERNET hrequest, LPDWORD supported, LPDW set_last_error( ERROR_WINHTTP_INCORRECT_HANDLE_TYPE ); return FALSE; } + if (!supported || !first || !target) + { + release_object( &request->hdr ); + set_last_error( ERROR_INVALID_PARAMETER ); + return FALSE; + + } if (query_auth_schemes( request, WINHTTP_QUERY_WWW_AUTHENTICATE, supported, first )) { diff --git a/dlls/winhttp/tests/winhttp.c b/dlls/winhttp/tests/winhttp.c index 87ddcb01dd8..3157a44684e 100644 --- a/dlls/winhttp/tests/winhttp.c +++ b/dlls/winhttp/tests/winhttp.c @@ -1881,7 +1881,7 @@ static void test_basic_request(int port, const WCHAR *verb, const WCHAR *path) { HINTERNET ses, con, req; char buffer[0x100]; - DWORD count, status, size, supported, first, target; + DWORD count, status, size, error, supported, first, target; BOOL ret; ses = WinHttpOpen(test_useragent, 0, NULL, NULL, 0); @@ -1904,12 +1904,15 @@ static void test_basic_request(int port, const WCHAR *verb, const WCHAR *path) ok(ret, "failed to query status code %u\n", GetLastError()); ok(status == 200, "request failed unexpectedly %u\n", status); - supported = first = target = 0xffff; + supported = first = target = 0xdeadbeef; + SetLastError(0xdeadbeef); ret = WinHttpQueryAuthSchemes(req, &supported, &first, &target); + error = GetLastError(); ok(!ret, "unexpected success\n"); - ok(supported == 0xffff, "got %x\n", supported); - ok(first == 0xffff, "got %x\n", first); - ok(target == 0xffff, "got %x\n", target); + todo_wine ok(error == ERROR_INVALID_OPERATION, "expected ERROR_INVALID_OPERATION, got %u\n", error); + ok(supported == 0xdeadbeef, "got %x\n", supported); + ok(first == 0xdeadbeef, "got %x\n", first); + ok(target == 0xdeadbeef, "got %x\n", target); count = 0; memset(buffer, 0, sizeof(buffer)); @@ -1941,12 +1944,54 @@ static void test_basic_authentication(int port) req = WinHttpOpenRequest(con, NULL, authW, NULL, NULL, NULL, 0); ok(req != NULL, "failed to open a request %u\n", GetLastError()); - supported = first = target = 0xffff; + SetLastError(0xdeadbeef); + ret = WinHttpQueryAuthSchemes(NULL, NULL, NULL, NULL); + error = GetLastError(); + ok(!ret, "expected failure\n"); + ok(error == ERROR_INVALID_HANDLE, "expected ERROR_INVALID_HANDLE, got %u\n", error); + + SetLastError(0xdeadbeef); + ret = WinHttpQueryAuthSchemes(req, NULL, NULL, NULL); + error = GetLastError(); + ok(!ret, "expected failure\n"); + ok(error == ERROR_INVALID_PARAMETER || error == ERROR_INVALID_OPERATION, "got %u\n", error); + + supported = 0xdeadbeef; + SetLastError(0xdeadbeef); + ret = WinHttpQueryAuthSchemes(req, &supported, NULL, NULL); + error = GetLastError(); + ok(!ret, "expected failure\n"); + ok(error == ERROR_INVALID_PARAMETER || error == ERROR_INVALID_OPERATION, "got %u\n", error); + ok(supported == 0xdeadbeef, "got %x\n", supported); + + supported = first = 0xdeadbeef; + SetLastError(0xdeadbeef); + ret = WinHttpQueryAuthSchemes(req, &supported, &first, NULL); + error = GetLastError(); + ok(!ret, "expected failure\n"); + ok(error == ERROR_INVALID_PARAMETER || error == ERROR_INVALID_OPERATION, "got %u\n", error); + ok(supported == 0xdeadbeef, "got %x\n", supported); + ok(first == 0xdeadbeef, "got %x\n", first); + + supported = first = target = 0xdeadbeef; + SetLastError(0xdeadbeef); ret = WinHttpQueryAuthSchemes(req, &supported, &first, &target); - ok(!ret, "unexpected success\n"); - ok(supported == 0xffff, "got %x\n", supported); - ok(first == 0xffff, "got %x\n", first); - ok(target == 0xffff, "got %x\n", target); + error = GetLastError(); + ok(!ret, "expected failure\n"); + todo_wine ok(error == ERROR_INVALID_OPERATION, "expected ERROR_INVALID_OPERATION, got %u\n", error); + ok(supported == 0xdeadbeef, "got %x\n", supported); + ok(first == 0xdeadbeef, "got %x\n", first); + ok(target == 0xdeadbeef, "got %x\n", target); + + supported = first = target = 0xdeadbeef; + SetLastError(0xdeadbeef); + ret = WinHttpQueryAuthSchemes(NULL, &supported, &first, &target); + error = GetLastError(); + ok(!ret, "expected failure\n"); + ok(error == ERROR_INVALID_HANDLE, "expected ERROR_INVALID_HANDLE, got %u\n", error); + ok(supported == 0xdeadbeef, "got %x\n", supported); + ok(first == 0xdeadbeef, "got %x\n", first); + ok(target == 0xdeadbeef, "got %x\n", target); ret = WinHttpSendRequest(req, NULL, 0, NULL, 0, 0, 0); ok(ret, "failed to send request %u\n", GetLastError()); @@ -1959,6 +2004,13 @@ static void test_basic_authentication(int port) ok(ret, "failed to query status code %u\n", GetLastError()); ok(status == 401, "request failed unexpectedly %u\n", status); + supported = first = target = 0xdeadbeef; + ret = WinHttpQueryAuthSchemes(req, &supported, &first, &target); + ok(ret, "failed to query authentication schemes %u\n", GetLastError()); + ok(supported == WINHTTP_AUTH_SCHEME_BASIC, "got %x\n", supported); + ok(first == WINHTTP_AUTH_SCHEME_BASIC, "got %x\n", first); + ok(target == WINHTTP_AUTH_TARGET_SERVER, "got %x\n", target); + ret = WinHttpSetCredentials(req, WINHTTP_AUTH_TARGET_SERVER, WINHTTP_AUTH_SCHEME_NTLM, NULL, NULL, NULL); ok(ret, "failed to set credentials %u\n", GetLastError());