[Bug 57042] New: rsaenh RSAENH_CPDecrypt crashes when an application tries to decrypt an empty string
https://bugs.winehq.org/show_bug.cgi?id=57042
Bug ID: 57042 Summary: rsaenh RSAENH_CPDecrypt crashes when an application tries to decrypt an empty string Product: Wine Version: 9.14 Hardware: x86-64 OS: Linux Status: UNCONFIRMED Severity: normal Priority: P2 Component: rsaenh Assignee: wine-bugs@winehq.org Reporter: kubapet@gmail.com Distribution: ---
BizAgi Modeler v 3.9.0.015 won't start because (for some strange reason) it tries to decrypt http proxy password even when it is not set (it is an empty string). The current implementation of RSAENH_CPDecrypt fails on segfault when Final = true, pbData = "" and apdwDataLen = 0.
Unhandled Exception: System.AccessViolationException: Attempted to read or write protected memory. This is often an indication that other memory is corrupt. at System.Security.Cryptography.CapiNative.UnsafeNativeMethods.CryptDecrypt(SafeCapiKeyHandle hKey, SafeCapiHashHandle hHash, Boolean Final, Int32 dwFlags, IntPtr pbData, Int32& pdwDataLen) at System.Security.Cryptography.CapiSymmetricAlgorithm.Reset() at System.Security.Cryptography.CapiSymmetricAlgorithm.TransformFinalBlock(Byte[] inputBuffer, Int32 inputOffset, Int32 inputCount) at Bizagi.ProcessModeler.BusinessEntities.Proxy.ProxyConnectionHelper.DecryptPassword_Aes(String encryptedPassword) at Bizagi.ProcessModeler.BusinessLogic.Cloud.HttpRequestUtil.SetProxyConfiguration() at lambda_method(Closure ) at SimpleInjector.Lifestyles.SingletonLifestyle.SingletonLifestyleRegistration`1.CreateInstanceWithNullCheck() at SimpleInjector.Lifestyles.SingletonLifestyle.SingletonLifestyleRegistration`1.GetInterceptedInstance() at SimpleInjector.Lifestyles.SingletonLifestyle.SingletonLifestyleRegistration`1.BuildExpression() at SimpleInjector.InstanceProducer.BuildExpressionInternal() at System.Lazy`1.CreateValue() at System.Lazy`1.LazyInitValue() at SimpleInjector.InstanceProducer.BuildExpression() at SimpleInjector.Registration.BuildConstructorParameters(ConstructorInfo constructor) at SimpleInjector.Registration.BuildNewExpression() at SimpleInjector.Registration.BuildTransientExpression() at SimpleInjector.Lifestyles.SingletonLifestyle.SingletonLifestyleRegistration`1.CreateInstanceWithNullCheck() at SimpleInjector.Lifestyles.SingletonLifestyle.SingletonLifestyleRegistration`1.GetInterceptedInstance() at SimpleInjector.Lifestyles.SingletonLifestyle.SingletonLifestyleRegistration`1.BuildExpression() at SimpleInjector.InstanceProducer.BuildExpressionInternal() at System.Lazy`1.CreateValue() at System.Lazy`1.LazyInitValue() at SimpleInjector.InstanceProducer.BuildExpression() at SimpleInjector.Registration.BuildConstructorParameters(ConstructorInfo constructor) at SimpleInjector.Registration.BuildNewExpression() at SimpleInjector.Registration.BuildTransientExpression() at SimpleInjector.Lifestyles.SingletonLifestyle.SingletonLifestyleRegistration`1.CreateInstanceWithNullCheck() at SimpleInjector.Lifestyles.SingletonLifestyle.SingletonLifestyleRegistration`1.GetInterceptedInstance() at SimpleInjector.Lifestyles.SingletonLifestyle.SingletonLifestyleRegistration`1.BuildExpression() at SimpleInjector.InstanceProducer.BuildExpressionInternal() at System.Lazy`1.CreateValue() at System.Lazy`1.LazyInitValue() at SimpleInjector.InstanceProducer.BuildExpression() at SimpleInjector.Registration.BuildConstructorParameters(ConstructorInfo constructor) at SimpleInjector.Registration.BuildNewExpression() at SimpleInjector.Registration.BuildTransientExpression() at SimpleInjector.Lifestyles.SingletonLifestyle.SingletonLifestyleRegistration`1.CreateInstanceWithNullCheck() at SimpleInjector.Lifestyles.SingletonLifestyle.SingletonLifestyleRegistration`1.GetInterceptedInstance() at SimpleInjector.Lifestyles.SingletonLifestyle.SingletonLifestyleRegistration`1.BuildExpression() at SimpleInjector.InstanceProducer.BuildExpressionInternal() at System.Lazy`1.CreateValue() at System.Lazy`1.LazyInitValue() at SimpleInjector.InstanceProducer.BuildExpression() at SimpleInjector.Registration.BuildConstructorParameters(ConstructorInfo constructor) at SimpleInjector.Registration.BuildNewExpression() at SimpleInjector.Registration.BuildTransientExpression() at SimpleInjector.Lifestyles.SingletonLifestyle.SingletonLifestyleRegistration`1.CreateInstanceWithNullCheck() at SimpleInjector.Lifestyles.SingletonLifestyle.SingletonLifestyleRegistration`1.GetInterceptedInstance() at SimpleInjector.Lifestyles.SingletonLifestyle.SingletonLifestyleRegistration`1.BuildExpression() at SimpleInjector.InstanceProducer.BuildExpressionInternal() at System.Lazy`1.CreateValue() at System.Lazy`1.LazyInitValue() at SimpleInjector.InstanceProducer.BuildExpression() at SimpleInjector.Registration.BuildConstructorParameters(ConstructorInfo constructor) at SimpleInjector.Registration.BuildNewExpression() at SimpleInjector.Registration.BuildTransientExpression() at SimpleInjector.InstanceProducer.BuildExpressionInternal() at System.Lazy`1.CreateValue() at System.Lazy`1.LazyInitValue() at SimpleInjector.InstanceProducer.BuildInstanceCreator() at SimpleInjector.InstanceProducer.BuildAndReplaceInstanceCreatorAndCreateFirstInstance() at SimpleInjector.InstanceProducer.GetInstance() at SimpleInjector.Container.GetInstance(Type serviceType) at Bizagi.DependencyInjector.InjectorBase.Resolve[T]() at Bizagi.DependencyInjector.ApplicationFactory.BuildApplication[TApplication](IApplicationBuilder`1 applicationBuilder, Boolean verify) at BizagiProcessModeler.Program.Main()
https://bugs.winehq.org/show_bug.cgi?id=57042
--- Comment #1 from Jakub Petrzilka kubapet@gmail.com --- Created attachment 76898 --> https://bugs.winehq.org/attachment.cgi?id=76898 stacktrace
https://bugs.winehq.org/show_bug.cgi?id=57042
Jakub Petrzilka kubapet@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Fixed by SHA1| |3d509ce451a2056a6dbb610e617 | |ae3c1312d75ca Resolution|--- |FIXED Status|UNCONFIRMED |RESOLVED Distribution|--- |SUSE
--- Comment #2 from Jakub Petrzilka kubapet@gmail.com --- RSAENH_CPDecrypt will now return NTE_BAD_LEN when *pdwDataLen = 0
https://bugs.winehq.org/show_bug.cgi?id=57042
Gijs Vermeulen gijsvrm@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |REOPENED Ever confirmed|0 |1 Resolution|FIXED |---
--- Comment #3 from Gijs Vermeulen gijsvrm@gmail.com --- You MR hasn't been merged yet, so let's wait to resolve it fixed until that is the case.
https://bugs.winehq.org/show_bug.cgi?id=57042
--- Comment #4 from Jakub Petrzilka kubapet@gmail.com --- It is merged now
https://bugs.winehq.org/show_bug.cgi?id=57042
Gijs Vermeulen gijsvrm@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|REOPENED |RESOLVED Resolution|--- |FIXED Fixed by SHA1|3d509ce451a2056a6dbb610e617 |9f0edb69209eb00faac55bbf1a5 |ae3c1312d75ca |f605750517201
--- Comment #5 from Gijs Vermeulen gijsvrm@gmail.com --- (In reply to Jakub Petrzilka from comment #4)
It is merged now
Indeed, marking FIXED. Thanks for the report & fix.
https://bugs.winehq.org/show_bug.cgi?id=57042
Alexandre Julliard julliard@winehq.org changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |CLOSED
--- Comment #6 from Alexandre Julliard julliard@winehq.org --- Closing bugs fixed in 9.15.
-
WineHQ Bugzilla