Detlef Riekenberg wrote:

On Di, 2007-10-30 at 12:36 +0000, Robert Shearman wrote:

...

+static DWORD open_cred_mgr_key(HKEY *hkey, BOOL open_for_write) +{

• return RegCreateKeyExW(HKEY_CURRENT_USER,

wszCredentialManagerKey, 0,

•                       NULL, REG_OPTION_NON_VOLATILE,
  

•                       KEY_READ | KEY_WRITE, NULL, hkey, NULL);
  

+}

What's the reason of the Parameter "BOOL open_for_write" ?

open_cred_mgr_key is called with (..., TRUE) and (..., FALSE), but you always use "KEY_READ | KEY_WRITE".

On the other hand, gcc does not warn about that unused Parameter. My first Idea was the optimizer in gcc, but removing "-O2" does not give us a warning.

With "-pedantic", we lost (but still no warning for "open_for_write").

It was left over from a previous revision of the code. Opening that key with read-only access worked until I needed to store the encryption key in the root of it, so I fixed it without cleaning up the code properly.

There are two options now: fix the CredRead/CredEnumerate code to cope with the encryption key not being there, or just remove the BOOL parameter from open_cred_mgr_key. Since HKEY_CURRENT_USER should always be writable (except in specific cases on Windows w.r.t. restricted users, which we probably wouldn't want accessing this key anyway), I'm going do the latter option to fix it.

Thanks for spotting it,