[prev in list] [next in list] [prev in thread] [next in thread] 

List:       wine-devel
Subject:    Re: [PATCH] Only process full TLS frames in schan_DecryptMessage
From:       Hans Leidekker <hans () meelstraat ! net>
Date:       2010-08-31 12:56:46
Message-ID: 1283259406.13615.50.camel () t400
[Download RAW message or body]

On Mon, 2010-08-30 at 23:57 +0300, Mikko Rasa wrote:

> +    SIZE_T expected_size;
> ssize_t received = 0;
> ssize_t ret;
> int idx;
> -    char *buf_ptr;
> +    unsigned char *buf_ptr;
> unsigned int offset;
> 
> TRACE("context_handle %p, message %p, message_seq_no %d, quality %p\n",
> @@ -1230,12 +1243,22 @@ static SECURITY_STATUS SEC_ENTRY \
> schan_DecryptMessage(PCtxtHandle context_handle if (idx == -1)
> return SEC_E_INVALID_TOKEN;
> buffer = &message->pBuffers[idx];
> +    buf_ptr = (unsigned char *)buffer->pvBuffer;
> +
> +    expected_size = 5 + ((buf_ptr[3] << 8) | buf_ptr[4]);
> +    if(buffer->cbBuffer < expected_size)
> +    {
> +        TRACE("Expected %u bytes, but buffer only contains %u bytes\n", \
> expected_size, buffer->cbBuffer); +        TRACE("Returning \
> SEC_E_INCOMPLETE_MESSAGE\n"); +        return SEC_E_INCOMPLETE_MESSAGE;
> +    }

This produces a compiler warning here: schannel.c: In function
‘schan_DecryptMessage': schannel.c:1251: warning: format ‘%u' expects
type ‘unsigned int', but argument 5 has type ‘SIZE_T'


[prev in list] [next in list] [prev in thread] [next in thread]