http://bugs.winehq.org/show_bug.cgi?id=20918 Juan Lang <juan_lang(a)yahoo.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |INVALID --- Comment #1 from Juan Lang <juan_lang(a)yahoo.com> 2009-12-06 17:42:55 --- That's correct, this appears to be invalid. For example, Invalid read of size 4 at CryptSetKeyParam (crypt.c:1961) by test_incorrect_api_usage (crypt.c:250) advapi32/crypt.c, line 1961: if (!key || !pbData || !key->pProvider || key->pProvider->dwMagic != MAGIC_CRYPTPROV) That is, it dereferences key. advapi32/tests/crypt.c, lines leading up to 250: result = pCryptDestroyKey(hKey2); ok (result, "%d\n", GetLastError()); dwTemp = CRYPT_MODE_ECB; result = pCryptSetKeyParam(hKey2, KP_MODE, (BYTE*)&dwTemp, sizeof(DWORD)); That is, the key has been destroyed just prior to calling CryptSetKeyParam on it. Finally, in CryptDestroyKey: ret = prov->pFuncs->pCPDestroyKey(prov->hPrivate, key->hPrivate); CRYPT_Free(key); key is a pointer, rather than a handle, and it's been freed. So the read is invalid, as expected. -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.