Hi Marcus,
Ideally this patch would be accompanied by a test. Also, this change:
@@ -212,6 +212,10 @@ static BOOL CRYPT_DecodeEnsureSpace(DWORD dwFlags,
if (dwFlags & CRYPT_DECODE_ALLOC_FLAG) { + if (!pvStructInfo) { + SetLastError(ERROR_INVALID_PARAMETER); + return FALSE; + }
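Review bot: The added `if (!pvStructInfo)` check sits inside the `if (dwFlags & CRYPT_DECODE_ALLOC_FLAG)` branch of CRYPT_DecodeEnsureSpace with no comment explaining why NULL is rejected only on that path. A short comment stating why a NULL pvStructInfo is invalid when allocation is requested would make the intent clear to later readers. The new failure path should also be covered by a test that passes CRYPT_DECODE_ALLOC_FLAG with a NULL pvStructInfo and expects FALSE with the last error set to ERROR_INVALID_PARAMETER.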
is a noop in all but one case: all the callers of CRYPT_DecodeEnsureSpace, save one, check pvStructInfo before calling it. It would be clearer, IMO, to change the single caller that doesn't check pvStructInfo (CryptDecodeObjectEx) rather than adding a check that is useless in most cases. A similar statement applies to the encode.c change: just change CryptEncodeObjectEx, not CRYPT_EncodeEnsureSpace.
Finally, please indent consistently with the rest of the file.
If you prefer, I can try to fix this. Triaging the Coverity bugs is probably enough work by itself, without being expected to fix them too ;-)
Thanks,
--Juan