Juan Lang : crypt32: Update a comment to reflect a fixed vulnerability. - wine-commits

11 Nov 2009

Module: wine
Branch: master
Commit: 7eb33b18dac0a5c7f76d4e5bc6453b4b0d1cbd66
URL:    http://source.winehq.org/git/wine.git/?a=commit;h=7eb33b18dac0a5c7f76d4e5bc6...
Author: Juan Lang juan.lang@gmail.com
Date:   Tue Nov 10 10:18:36 2009 -0800
crypt32: Update a comment to reflect a fixed vulnerability.
---
dlls/crypt32/chain.c |    7 +++----
 1 files changed, 3 insertions(+), 4 deletions(-)

diff --git a/dlls/crypt32/chain.c b/dlls/crypt32/chain.c
index c6eaaec..a69b9e4 100644
--- a/dlls/crypt32/chain.c
+++ b/dlls/crypt32/chain.c
@@ -2363,11 +2363,10 @@ static BOOL match_dns_to_subject_alt_name(PCERT_EXTENSION ext,
     DWORD size;
TRACE_(chain)("%s\n", debugstr_w(server_name));
-    /* FIXME: This can be spoofed by the embedded NULL vulnerability.  The
+    /* This could be spoofed by the embedded NULL vulnerability, since the
      * returned CERT_ALT_NAME_INFO doesn't have a way to indicate the
-     * encoded length of a name, so a certificate issued to
-     * winehq.org\0badsite.com will get treated as having been issued to
-     * winehq.org.
+     * encoded length of a name.  Fortunately CryptDecodeObjectEx fails if
+     * the encoded form of the name contains a NULL.
      */
     if (CryptDecodeObjectEx(X509_ASN_ENCODING, X509_ALTERNATE_NAME,
      ext->Value.pbData, ext->Value.cbData,

    