Re: [crypt32] CryptProtectData/CryptUnprotectData helper functions

Kees Cook kees@outflux.net writes:

+static int +hexprint(const char *s, unsigned char *p, int n) +{

• char report[80];
• int r=-1;
• snprintf(report,16,"%14s:", s);
• while (--n >= 0)
• {

•    if (r++ % 20 == 19)
  

•    {
  

•        wine_dbg_printf("%s\n",report);
  

•        snprintf(report,16,"%14s ", "");
  

•    }
  

•    sprintf(report+strlen(report)," %02x", *p++);
  

• }
• wine_dbg_printf("%s\n",report);

You should use wine_dbg_sprintf here and return a string.

+static +void serialize_dword(DWORD value,BYTE ** ptr) +{

• /*TRACE("called\n");*/
• *((DWORD*)*ptr)=value;
• *ptr+=sizeof(DWORD);

This (and other similar things later on) isn't safe for CPUs that don't allow unaligned accesses, you have to use memcpy instead.

+static +BOOL fill_protect_data(struct protect_data_t * pInfo, LPCWSTR szDataDescr,

•                   HCRYPTPROV hProv)
  

+{

• DWORD dwStrLen;
• TRACE("called\n");
• if (!pInfo) return FALSE;
• dwStrLen=lstrlenW(szDataDescr);
• memset(pInfo,0,sizeof(*pInfo));
• pInfo->count0=0x0001;
• pInfo->info0.cbData=strlen(crypt_magic_str)+1;
• pInfo->info0.pbData=strdup(crypt_magic_str);

You don't want to use strdup, you should use HeapAlloc and friends (especially since you use HeapFree later on).

+static void +crypt_report_func_input(DATA_BLOB* pDataIn,

•                    DATA_BLOB* pOptionalEntropy,
  

•                    CRYPTPROTECT_PROMPTSTRUCT* pPromptStruct,
  

•                    DWORD dwFlags)
  

+{

• wine_dbg_printf("\tpPromptStruct: 0x%x\n",(unsigned int)pPromptStruct);
• if (pPromptStruct)
• {

•    wine_dbg_printf("\t\tcbSize: 0x%x\n",(unsigned int)pPromptStruct->cbSize);
  

•    wine_dbg_printf("\t\tdwPromptFlags: 0x%x\n",(unsigned int)pPromptStruct->dwPromptFlags);
  

•    wine_dbg_printf("\t\thwndApp: 0x%x\n",(unsigned int)pPromptStruct->hwndApp);
  

•    wine_dbg_printf("\t\tszPrompt: 0x%x %s\n",
  

•            (unsigned int)pPromptStruct->szPrompt,
  

•            pPromptStruct->szPrompt ? debugstr_w(pPromptStruct->szPrompt)
  

•            : "");
  

• }
• wine_dbg_printf("\tdwFlags: 0x%04x\n",(unsigned int)dwFlags);
• wine_dbg_printf("\tpDataIn->cbData: %u\n",(unsigned int)pDataIn->cbData);
• wine_dbg_printf("\tpDataIn->pbData: 0x%x\n",(unsigned int)pDataIn->pbData);
• hexprint("pbData", pDataIn->pbData, pDataIn->cbData);
• if (pOptionalEntropy)
• {

•    wine_dbg_printf("\tpOptionalEntropy->cbData: %u\n",(unsigned int)pOptionalEntropy->cbData);
  

•    wine_dbg_printf("\tpOptionalEntropy->pbData: 0x%x\n",(unsigned int)pOptionalEntropy->pbData);
  

•    hexprint("pbData", pOptionalEntropy->pbData, pOptionalEntropy->cbData);
  

•    wine_dbg_printf("\t\t%s\n",debugstr_an(pOptionalEntropy->pbData,pOptionalEntropy->cbData));
  

• }

+}

+static void +announce_bad_opaque_data() +{

• wine_dbg_printf("CryptUnprotectData received the following pDataIn DATA_BLOB that seems to\n");
• wine_dbg_printf("have NOT been generated by Wine:\n");

+}

You should use the TRACE/FIXME macros here, not raw wine_dbg_printf.