Module: wine Branch: master Commit: 0be05ab6aac571865358eea6e1256ff3f19b274c URL: http://source.winehq.org/git/wine.git/?a=commit;h=0be05ab6aac571865358eea6e1...
Author: Rob Shearman rob@codeweavers.com Date: Mon Mar 10 16:41:44 2008 +0000
wininet: Retrieve the maximum token length from the SSP and use a buffer of that length in calls to InitializeSecurityContextW.
Otherwise, InitializeSecurityContextW could run out of space with our small, fixed buffer and fail.
---
dlls/wininet/http.c | 15 +++++++++++++-- 1 files changed, 13 insertions(+), 2 deletions(-)
diff --git a/dlls/wininet/http.c b/dlls/wininet/http.c index c246001..638e520 100644 --- a/dlls/wininet/http.c +++ b/dlls/wininet/http.c @@ -98,6 +98,7 @@ struct HttpAuthInfo CtxtHandle ctx; TimeStamp exp; ULONG attr; + ULONG max_token; void *auth_data; unsigned int auth_data_len; BOOL finished; /* finished authenticating */ @@ -476,6 +477,16 @@ static BOOL HTTP_DoAuthorization( LPWININETHTTPREQW lpwhr, LPCWSTR pszAuthValue, pAuthData, NULL, NULL, &pAuthInfo->cred, &exp); + if (sec_status == SEC_E_OK) + { + PSecPkgInfoW sec_pkg_info; + sec_status = QuerySecurityPackageInfoW(pAuthInfo->scheme, &sec_pkg_info); + if (sec_status == SEC_E_OK) + { + pAuthInfo->max_token = sec_pkg_info->cbMaxToken; + FreeContextBuffer(sec_pkg_info); + } + } if (sec_status != SEC_E_OK) { WARN("AcquireCredentialsHandleW for scheme %s failed with error 0x%08x\n", @@ -554,10 +565,10 @@ static BOOL HTTP_DoAuthorization( LPWININETHTTPREQW lpwhr, LPCWSTR pszAuthValue, HTTP_DecodeBase64(pszAuthData, in.pvBuffer); }
- buffer = HeapAlloc(GetProcessHeap(), 0, 0x100); + buffer = HeapAlloc(GetProcessHeap(), 0, pAuthInfo->max_token);
out.BufferType = SECBUFFER_TOKEN; - out.cbBuffer = 0x100; + out.cbBuffer = pAuthInfo->max_token; out.pvBuffer = buffer;
out_desc.ulVersion = 0;