[xmlsec] Re: bug in src\mscrypto\app.c
Aleksey Sanin
aleksey at aleksey.com
Thu Nov 13 08:23:55 PST 2003
Yep. Fixed and commited! Thank you very much for noticing this!
If someone needs a patch it's bellow.
Aleksey
Index: src/mscrypto/app.c
===================================================================
RCS file: /cvs/gnome/xmlsec/src/mscrypto/app.c,v
retrieving revision 1.5
diff -u -r1.5 app.c
--- src/mscrypto/app.c 30 Sep 2003 02:09:51 -0000 1.5
+++ src/mscrypto/app.c 13 Nov 2003 16:27:17 -0000
@@ -552,8 +552,8 @@
void* pwdCallbackCtx ATTRIBUTE_UNUSED) {
int ret, len;
CRYPT_DATA_BLOB pfx;
- HCERTSTORE hCertStore;
- PCCERT_CONTEXT tmpcert;
+ HCERTSTORE hCertStore = NULL;
+ PCCERT_CONTEXT tmpcert = NULL;
PCCERT_CONTEXT pCert = NULL;
WCHAR* wcPwd = NULL;
xmlSecKeyDataPtr x509Data = NULL;
Glenn Horton wrote:
> Aleksey,
>
> I found a couple of bugs in one of the mscrypto files, in mscrypto\app.c at line
> 555, hCertStore needs to be initialized to NULL and at line 556 tmpcert needs to be
> initialized to NULL. I found this because the "data" argument that I passed in was
> invalid and that caused a failure at line 573. When that happens, the code at the
> done: label causes access violations because hCertStore and tmpcert were not
> initialized properly.
>
>
More information about the xmlsec
mailing list