On Sun, 2022-03-06 at 12:22 -0300, Santino Mazza wrote:
Signed-off-by: Santino Mazza mazzasantino1206@gmail.com
dlls/bcrypt/bcrypt_main.c | 5 +++++ dlls/bcrypt/tests/bcrypt.c | 18 +++++++++++++++++- 2 files changed, 22 insertions(+), 1 deletion(-)
diff --git a/dlls/bcrypt/bcrypt_main.c b/dlls/bcrypt/bcrypt_main.c index 7353cae26eb..e62be127bb4 100644 --- a/dlls/bcrypt/bcrypt_main.c +++ b/dlls/bcrypt/bcrypt_main.c @@ -701,6 +701,11 @@ static NTSTATUS set_key_property( struct key *key, const WCHAR *prop, UCHAR *val return STATUS_NOT_IMPLEMENTED; } }
- else if (!wcscmp( prop, BCRYPT_KEY_LENGTH ))
- {
key->u.a.bitlen = *(DWORD*)value;return STATUS_SUCCESS;- }
You should check that input length is larger than or equal to sizeof(DWORD) before reading from the buffer.
- ret = BCryptSetProperty(key, BCRYPT_KEY_LENGTH, &keylen, sizeof(keylen), 0);
- ok(ret == STATUS_SUCCESS, "got %#lx\n", ret);
pad.pszAlgId = BCRYPT_SHA1_ALGORITHM; memset(sig, 0, sizeof(sig)); ret = BCryptSignHash(key, &pad, hash, sizeof(hash), sig, sizeof(sig), &len, BCRYPT_PAD_PKCS1);
This produces warnings:
../wine/dlls/bcrypt/tests/bcrypt.c:713:53: warning: passing argument 3 of ‘BCryptSetProperty’ from incompatible pointer type [-Wincompatible-pointer-types] 713 | ret = BCryptSetProperty(aes, BCRYPT_KEY_LENGTH, &keylen, sizeof(keylen), 0); | ^~~~~~~ | | | DWORD * {aka long unsigned int *}