Commit fe678927 authored by Hans Leidekker's avatar Hans Leidekker Committed by Alexandre Julliard

winhttp: Fix invalid parameter handling in WinHttpQueryAuthSchemes.

parent 78fc21cd
......@@ -1270,12 +1270,14 @@ static BOOL query_auth_schemes( request_t *request, DWORD level, LPDWORD support
return FALSE;
}
scheme = auth_scheme_from_header( buffer );
heap_free( buffer );
if (!scheme) break;
if (first && index == 1)
*first = *supported = scheme;
else
*supported |= scheme;
heap_free( buffer );
ret = TRUE;
}
return ret;
......@@ -1302,6 +1304,13 @@ BOOL WINAPI WinHttpQueryAuthSchemes( HINTERNET hrequest, LPDWORD supported, LPDW
set_last_error( ERROR_WINHTTP_INCORRECT_HANDLE_TYPE );
return FALSE;
}
if (!supported || !first || !target)
{
release_object( &request->hdr );
set_last_error( ERROR_INVALID_PARAMETER );
return FALSE;
}
if (query_auth_schemes( request, WINHTTP_QUERY_WWW_AUTHENTICATE, supported, first ))
{
......
......@@ -1881,7 +1881,7 @@ static void test_basic_request(int port, const WCHAR *verb, const WCHAR *path)
{
HINTERNET ses, con, req;
char buffer[0x100];
DWORD count, status, size, supported, first, target;
DWORD count, status, size, error, supported, first, target;
BOOL ret;
ses = WinHttpOpen(test_useragent, 0, NULL, NULL, 0);
......@@ -1904,12 +1904,15 @@ static void test_basic_request(int port, const WCHAR *verb, const WCHAR *path)
ok(ret, "failed to query status code %u\n", GetLastError());
ok(status == 200, "request failed unexpectedly %u\n", status);
supported = first = target = 0xffff;
supported = first = target = 0xdeadbeef;
SetLastError(0xdeadbeef);
ret = WinHttpQueryAuthSchemes(req, &supported, &first, &target);
error = GetLastError();
ok(!ret, "unexpected success\n");
ok(supported == 0xffff, "got %x\n", supported);
ok(first == 0xffff, "got %x\n", first);
ok(target == 0xffff, "got %x\n", target);
todo_wine ok(error == ERROR_INVALID_OPERATION, "expected ERROR_INVALID_OPERATION, got %u\n", error);
ok(supported == 0xdeadbeef, "got %x\n", supported);
ok(first == 0xdeadbeef, "got %x\n", first);
ok(target == 0xdeadbeef, "got %x\n", target);
count = 0;
memset(buffer, 0, sizeof(buffer));
......@@ -1941,12 +1944,54 @@ static void test_basic_authentication(int port)
req = WinHttpOpenRequest(con, NULL, authW, NULL, NULL, NULL, 0);
ok(req != NULL, "failed to open a request %u\n", GetLastError());
supported = first = target = 0xffff;
SetLastError(0xdeadbeef);
ret = WinHttpQueryAuthSchemes(NULL, NULL, NULL, NULL);
error = GetLastError();
ok(!ret, "expected failure\n");
ok(error == ERROR_INVALID_HANDLE, "expected ERROR_INVALID_HANDLE, got %u\n", error);
SetLastError(0xdeadbeef);
ret = WinHttpQueryAuthSchemes(req, NULL, NULL, NULL);
error = GetLastError();
ok(!ret, "expected failure\n");
ok(error == ERROR_INVALID_PARAMETER || error == ERROR_INVALID_OPERATION, "got %u\n", error);
supported = 0xdeadbeef;
SetLastError(0xdeadbeef);
ret = WinHttpQueryAuthSchemes(req, &supported, NULL, NULL);
error = GetLastError();
ok(!ret, "expected failure\n");
ok(error == ERROR_INVALID_PARAMETER || error == ERROR_INVALID_OPERATION, "got %u\n", error);
ok(supported == 0xdeadbeef, "got %x\n", supported);
supported = first = 0xdeadbeef;
SetLastError(0xdeadbeef);
ret = WinHttpQueryAuthSchemes(req, &supported, &first, NULL);
error = GetLastError();
ok(!ret, "expected failure\n");
ok(error == ERROR_INVALID_PARAMETER || error == ERROR_INVALID_OPERATION, "got %u\n", error);
ok(supported == 0xdeadbeef, "got %x\n", supported);
ok(first == 0xdeadbeef, "got %x\n", first);
supported = first = target = 0xdeadbeef;
SetLastError(0xdeadbeef);
ret = WinHttpQueryAuthSchemes(req, &supported, &first, &target);
ok(!ret, "unexpected success\n");
ok(supported == 0xffff, "got %x\n", supported);
ok(first == 0xffff, "got %x\n", first);
ok(target == 0xffff, "got %x\n", target);
error = GetLastError();
ok(!ret, "expected failure\n");
todo_wine ok(error == ERROR_INVALID_OPERATION, "expected ERROR_INVALID_OPERATION, got %u\n", error);
ok(supported == 0xdeadbeef, "got %x\n", supported);
ok(first == 0xdeadbeef, "got %x\n", first);
ok(target == 0xdeadbeef, "got %x\n", target);
supported = first = target = 0xdeadbeef;
SetLastError(0xdeadbeef);
ret = WinHttpQueryAuthSchemes(NULL, &supported, &first, &target);
error = GetLastError();
ok(!ret, "expected failure\n");
ok(error == ERROR_INVALID_HANDLE, "expected ERROR_INVALID_HANDLE, got %u\n", error);
ok(supported == 0xdeadbeef, "got %x\n", supported);
ok(first == 0xdeadbeef, "got %x\n", first);
ok(target == 0xdeadbeef, "got %x\n", target);
ret = WinHttpSendRequest(req, NULL, 0, NULL, 0, 0, 0);
ok(ret, "failed to send request %u\n", GetLastError());
......@@ -1959,6 +2004,13 @@ static void test_basic_authentication(int port)
ok(ret, "failed to query status code %u\n", GetLastError());
ok(status == 401, "request failed unexpectedly %u\n", status);
supported = first = target = 0xdeadbeef;
ret = WinHttpQueryAuthSchemes(req, &supported, &first, &target);
ok(ret, "failed to query authentication schemes %u\n", GetLastError());
ok(supported == WINHTTP_AUTH_SCHEME_BASIC, "got %x\n", supported);
ok(first == WINHTTP_AUTH_SCHEME_BASIC, "got %x\n", first);
ok(target == WINHTTP_AUTH_TARGET_SERVER, "got %x\n", target);
ret = WinHttpSetCredentials(req, WINHTTP_AUTH_TARGET_SERVER, WINHTTP_AUTH_SCHEME_NTLM, NULL, NULL, NULL);
ok(ret, "failed to set credentials %u\n", GetLastError());
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment