Juan Lang : cryptnet: Don't access URL cache entry before it's been read. - wine-commits

8 Oct 2008

Module: wine
Branch: master
Commit: da605a935b2be910a6ad1f758106192c861d176e
URL:    http://source.winehq.org/git/wine.git/?a=commit;h=da605a935b2be910a6ad1f7581...
Author: Juan Lang juan.lang@gmail.com
Date:   Fri Oct  3 10:50:34 2008 -0700
cryptnet: Don't access URL cache entry before it's been read.
---
dlls/cryptnet/cryptnet_main.c |   61 ++++++++++++++++++++++-------------------
 1 files changed, 33 insertions(+), 28 deletions(-)

diff --git a/dlls/cryptnet/cryptnet_main.c b/dlls/cryptnet/cryptnet_main.c
index 0395e0a..3f44aeb 100644
--- a/dlls/cryptnet/cryptnet_main.c
+++ b/dlls/cryptnet/cryptnet_main.c
@@ -405,52 +405,57 @@ static BOOL CRYPT_GetObjectFromCache(LPCWSTR pszURL, PCRYPT_BLOB_ARRAY pObject,
  PCRYPT_RETRIEVE_AUX_INFO pAuxInfo)
 {
     BOOL ret = FALSE;
-    INTERNET_CACHE_ENTRY_INFOW cacheInfo = { sizeof(cacheInfo), 0 };
-    DWORD size = sizeof(cacheInfo);
+    INTERNET_CACHE_ENTRY_INFOW *pCacheInfo = NULL;
+    DWORD size = 0;
TRACE("(%s, %p, %p)\n", debugstr_w(pszURL), pObject, pAuxInfo);
-    if (GetUrlCacheEntryInfoW(pszURL, &cacheInfo, &size) ||
-     GetLastError() == ERROR_INSUFFICIENT_BUFFER)
+    ret = GetUrlCacheEntryInfoW(pszURL, NULL, &size);
+    if (!ret && GetLastError() == ERROR_INSUFFICIENT_BUFFER)
+    {
+        pCacheInfo = CryptMemAlloc(size);
+        if (pCacheInfo)
+            ret = TRUE;
+        else
+            SetLastError(ERROR_OUTOFMEMORY);
+    }
+    if (ret && (ret = GetUrlCacheEntryInfoW(pszURL, pCacheInfo, &size)))
     {
         FILETIME ft;
GetSystemTimeAsFileTime(&ft);
-        if (CompareFileTime(&cacheInfo.ExpireTime, &ft) >= 0)
+        if (CompareFileTime(&pCacheInfo->ExpireTime, &ft) >= 0)
         {
-            LPINTERNET_CACHE_ENTRY_INFOW pCacheInfo = CryptMemAlloc(size);
+            HANDLE hFile = CreateFileW(pCacheInfo->lpszLocalFileName,
+             GENERIC_READ, 0, NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL);
-            if (pCacheInfo)
+            if (hFile != INVALID_HANDLE_VALUE)
             {
-                if (GetUrlCacheEntryInfoW(pszURL, pCacheInfo, &size))
+                if ((ret = CRYPT_GetObjectFromFile(hFile, pObject)))
                 {
-                    HANDLE hFile = CreateFileW(pCacheInfo->lpszLocalFileName,
-                     GENERIC_READ, 0, NULL, OPEN_EXISTING,
-                     FILE_ATTRIBUTE_NORMAL, NULL);
-
-                    if (hFile != INVALID_HANDLE_VALUE)
-                    {
-                        if ((ret = CRYPT_GetObjectFromFile(hFile, pObject)))
-                        {
-                            if (pAuxInfo && pAuxInfo->cbSize >=
-                             offsetof(CRYPT_RETRIEVE_AUX_INFO,
-                             pLastSyncTime) + sizeof(PFILETIME) &&
-                             pAuxInfo->pLastSyncTime)
-                                memcpy(pAuxInfo->pLastSyncTime,
-                                 &pCacheInfo->LastSyncTime,
-                                 sizeof(FILETIME));
-                        }
-                        CloseHandle(hFile);
-                    }
+                    if (pAuxInfo && pAuxInfo->cbSize >=
+                     offsetof(CRYPT_RETRIEVE_AUX_INFO,
+                     pLastSyncTime) + sizeof(PFILETIME) &&
+                     pAuxInfo->pLastSyncTime)
+                        memcpy(pAuxInfo->pLastSyncTime,
+                         &pCacheInfo->LastSyncTime,
+                         sizeof(FILETIME));
                 }
-                CryptMemFree(pCacheInfo);
+                CloseHandle(hFile);
             }
             else
-                SetLastError(ERROR_OUTOFMEMORY);
+            {
+                DeleteUrlCacheEntryW(pszURL);
+                ret = FALSE;
+            }
         }
         else
+        {
             DeleteUrlCacheEntryW(pszURL);
+            ret = FALSE;
+        }
     }
+    CryptMemFree(pCacheInfo);
     TRACE("returning %d\n", ret);
     return ret;
 }

    