Module: wine Branch: master Commit: e61eddd6a56e1a0befc25a96216156e9ae07e8f4 URL: http://source.winehq.org/git/wine.git/?a=commit;h=e61eddd6a56e1a0befc25a9621...
Author: Mounir IDRASSI mounir.idrassi@idrix.fr Date: Tue May 15 00:35:46 2007 +0200
rsaenh: Fix crash in RSAENH_CPVerifySignature if pbSignature is set to NULL or if dwSigLen is lesser than the expected value.
---
dlls/rsaenh/rsaenh.c | 15 +++++++++++++++ dlls/rsaenh/tests/rsaenh.c | 12 ++++++++++++ 2 files changed, 27 insertions(+), 0 deletions(-)
diff --git a/dlls/rsaenh/rsaenh.c b/dlls/rsaenh/rsaenh.c
index 3e7ac8e..ca9e4a9 100644
--- a/dlls/rsaenh/rsaenh.c
+++ b/dlls/rsaenh/rsaenh.c
@@ -3611,6 +3611,21 @@ BOOL WINAPI RSAENH_CPVerifySignature(HCRYPTPROV hProv, HCRYPTHASH hHash, CONST B return FALSE; }
+ /* in Microsoft implementation, the signature length is checked before
+ * the signature pointer.
+ */
+ if (dwSigLen != pCryptKey->dwKeyLen)
+ {
+ SetLastError(NTE_BAD_SIGNATURE);
+ return FALSE;
+ }
+
+ if (!hHash || !pbSignature)
+ {
+ SetLastError(ERROR_INVALID_PARAMETER);
+ return FALSE;
+ }
+ if (sDescription) { if (!RSAENH_CPHashData(hProv, hHash, (CONST BYTE*)sDescription, (DWORD)lstrlenW(sDescription)*sizeof(WCHAR), 0))
diff --git a/dlls/rsaenh/tests/rsaenh.c b/dlls/rsaenh/tests/rsaenh.c
index 466a43c..5d17be2 100644
--- a/dlls/rsaenh/tests/rsaenh.c
+++ b/dlls/rsaenh/tests/rsaenh.c
@@ -1043,6 +1043,18 @@ static void test_verify_signature(void) { ok(result, "%08x\n", GetLastError()); if (!result) return;
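Review bot: The comment on `if (dwSigLen != pCryptKey->dwKeyLen)` records why the length is tested before the pointer, but not that this comparison is the guard behind the crash fix: per the commit message a shorter dwSigLen used to crash, presumably because the verification code further down reads a full key length from pbSignature. I would extend it with something like `/* a valid signature is exactly dwKeyLen bytes; reject any other length before pbSignature is read */`, where "bytes" is inferred from the accompanying test accepting 128 and rejecting 64. The check also dereferences pCryptKey, whose lookup and validation sit above the visible lines; the body of RSAENH_CPVerifySignature starts and ends outside this hunk.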
+ /*check that a NULL pointer signature is correctly handled*/
+ result = CryptVerifySignature(hHash, NULL, 128, hPubSignKey, NULL, 0);
+ ok(!result && ERROR_INVALID_PARAMETER == GetLastError(),
+ "Expected ERROR_INVALID_PARAMETER error, got %08x\n", GetLastError());
+ if (result) return;
+
+ /* check that we get a bad signature error when the signature is too short*/
+ result = CryptVerifySignature(hHash, abSignatureMD2, 64, hPubSignKey, NULL, 0);
+ ok(!result && NTE_BAD_SIGNATURE == GetLastError(),
+ "Expected NTE_BAD_SIGNATURE error, got %08x\n", GetLastError());
+ if (result) return;
+ result = CryptVerifySignature(hHash, abSignatureMD2, 128, hPubSignKey, NULL, 0); ok(result, "%08x\n", GetLastError()); if (!result) return;
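Review bot: The two added cases do not pin the check order that the rsaenh.c comment describes, because the NULL-pointer call passes the accepted length 128 and the short-length call passes a valid pointer, so swapping the two checks in the provider would still pass. A call with both faults, `result = CryptVerifySignature(hHash, NULL, 64, hPubSignKey, NULL, 0);` expecting `NTE_BAD_SIGNATURE` (if the comment is right about native behaviour), would fix that precedence in place. An over-long length (for example 256, a constructed value) would cover the other side of the `!=` comparison, which currently only the too-short case exercises. The literals 128 and 64 presumably depend on the size of the signing key created outside this hunk; test_verify_signature starts and ends outside the hunk.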