Module: wine Branch: master Commit: 862eab28201ca4e2c4705b112f9b5c0a0516522c URL: http://source.winehq.org/git/wine.git/?a=commit;h=862eab28201ca4e2c4705b112f...

Author: Juan Lang juan.lang@gmail.com Date: Wed Jan 19 12:21:24 2011 -0800

crypt32: Ensure temporary string is NULL-terminated to avoid uninitialized memory access (valgrind).

---

dlls/crypt32/str.c | 7 ++++++- 1 files changed, 6 insertions(+), 1 deletions(-)

diff --git a/dlls/crypt32/str.c b/dlls/crypt32/str.c index 9d814df..81e9ec3 100644 --- a/dlls/crypt32/str.c +++ b/dlls/crypt32/str.c @@ -789,7 +789,7 @@ static BOOL CRYPT_EncodeValueWithType(DWORD dwCertEncodingType, LONG i; LPWSTR ptr;

- nameValue.Value.pbData = CryptMemAlloc((value->end - value->start) * + nameValue.Value.pbData = CryptMemAlloc((value->end - value->start + 1) * sizeof(WCHAR)); if (!nameValue.Value.pbData) { @@ -803,6 +803,11 @@ static BOOL CRYPT_EncodeValueWithType(DWORD dwCertEncodingType, if (value->start[i] == '"') i++; } + /* The string is NULL terminated because of a quirk in encoding + * unicode names values: if the length is given as 0, the value is + * assumed to be a NULL-terminated string. + */ + *ptr = 0; nameValue.Value.cbData = (LPBYTE)ptr - nameValue.Value.pbData; } ret = CryptEncodeObjectEx(dwCertEncodingType, X509_UNICODE_NAME_VALUE,