If both branches are false we would never initialize it.
-- v2: bcrypt: Add error handling if neither public nor private key is available (Coverity)
From: Fabian Maurer dark.shadow4@web.de
--- dlls/bcrypt/gnutls.c | 6 ++++++ 1 file changed, 6 insertions(+)
diff --git a/dlls/bcrypt/gnutls.c b/dlls/bcrypt/gnutls.c index 68f84a553d2..3878a68ea4a 100644 --- a/dlls/bcrypt/gnutls.c +++ b/dlls/bcrypt/gnutls.c @@ -1601,6 +1601,12 @@ static NTSTATUS key_export_dh_public( struct key *key, UCHAR *buf, ULONG len, UL ret = pgnutls_pubkey_export_dh_raw( key_data(key)->a.pubkey, params, &y, 0 ); else if (key_data(key)->a.privkey) ret = pgnutls_privkey_export_dh_raw( key_data(key)->a.privkey, params, &y, &x, 0 ); + else + { + ERR( "Must provide public or private key\n" ); + pgnutls_dh_params_deinit( params ); + return STATUS_INTERNAL_ERROR; + }
if (ret) {
On Sun Dec 10 23:28:12 2023 +0000, Hans Leidekker wrote:
There should always be either a public key or a private key, or both. If both branches can be false that's the bug that should be fixed.
Alright, I added another branch for this error condition. I mean, it should never happen, but IMHO we could still check for it instead of silently corrupting memory should it happen.
Obsolete since f067283f9b41b3e71c870de5c2fff7b9857dc98
This merge request was closed by Fabian Maurer.
-
Fabian Maurer -
Fabian Maurer (@DarkShadow44)