[PATCH v2 0/2] MR1908: msi: pSignatureSettings uninitialized
This field was not unitilized so it got a random value from the stack causing a later crash when it was dereferenced in Wintrust (SoftPubloadSignature). -- v2: Memset the struct to avoid exlicit initialization https://gitlab.winehq.org/wine/wine/-/merge_requests/1908
From: "Philip K. Gisslow" <ripxorip(a)gmail.com> This field was not unitilized so it got a random value from the stack causing a later crash when it was dereferenced in Wintrust (SoftPubloadSignature). --- dlls/msi/msi.c | 1 + 1 file changed, 1 insertion(+) diff --git a/dlls/msi/msi.c b/dlls/msi/msi.c index db04babb899..886c5d3ba6f 100644 --- a/dlls/msi/msi.c +++ b/dlls/msi/msi.c @@ -2556,6 +2556,7 @@ HRESULT WINAPI MsiGetFileSignatureInformationW( const WCHAR *path, DWORD flags, data.pwszURLReference = NULL; data.dwProvFlags = 0; data.dwUIContext = WTD_UICONTEXT_INSTALL; + data.pSignatureSettings = NULL; hr = WinVerifyTrustEx( INVALID_HANDLE_VALUE, &generic_verify_v2, &data ); *cert = NULL; if (FAILED(hr)) goto done; -- GitLab https://gitlab.winehq.org/wine/wine/-/merge_requests/1908
From: "Philip K. Gisslow" <ripxorip(a)gmail.com> As suggested by Nikolay and Zebediah --- dlls/msi/msi.c | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-) diff --git a/dlls/msi/msi.c b/dlls/msi/msi.c index 886c5d3ba6f..29a50625a57 100644 --- a/dlls/msi/msi.c +++ b/dlls/msi/msi.c @@ -2544,19 +2544,15 @@ HRESULT WINAPI MsiGetFileSignatureInformationW( const WCHAR *path, DWORD flags, info.hFile = NULL; info.pgKnownSubject = NULL; + memset( data, 0, sizeof(data) ); data.cbStruct = sizeof(data); - data.pPolicyCallbackData = NULL; - data.pSIPClientData = NULL; data.dwUIChoice = WTD_UI_NONE; data.fdwRevocationChecks = WTD_REVOKE_WHOLECHAIN; data.dwUnionChoice = WTD_CHOICE_FILE; data.u.pFile = &info; data.dwStateAction = WTD_STATEACTION_VERIFY; - data.hWVTStateData = NULL; - data.pwszURLReference = NULL; - data.dwProvFlags = 0; data.dwUIContext = WTD_UICONTEXT_INSTALL; - data.pSignatureSettings = NULL; + hr = WinVerifyTrustEx( INVALID_HANDLE_VALUE, &generic_verify_v2, &data ); *cert = NULL; if (FAILED(hr)) goto done; -- GitLab https://gitlab.winehq.org/wine/wine/-/merge_requests/1908
Hi, It looks like your patch introduced the new failures shown below. Please investigate and fix them before resubmitting your patch. If they are not new, fixing them anyway would help a lot. Otherwise please ask for the known failures list to be updated. The full results can be found at: https://testbot.winehq.org/JobDetails.pl?Key=128168 Your paranoid android. === debian11 (build log) === ../wine/dlls/msi/msi.c:2547:13: error: incompatible type for argument 1 of ���memset��� Task: The win32 Wine build failed === debian11b (build log) === ../wine/dlls/msi/msi.c:2547:13: error: incompatible type for argument 1 of ���memset��� Task: The wow64 Wine build failed
On Thu Jan 5 06:39:03 2023 +0000, Nikolay Sivov wrote:
memset-ing seems better so that we can remove some lines to initialize other members, and for consistency. Agreed, updated with another commit. Thanks for your input.
-- https://gitlab.winehq.org/wine/wine/-/merge_requests/1908#note_20349
participants (3)
-
Marvin -
Philip K. Gisslow -
Philip Karlsson Gisslow (@ripxorip)