crypt32: Fail decoding a CRL entry if the serial number is empty.

c5d5c5b6 · Juan Lang · Alexandre Julliard · 571d7518 · c5d5c5b6 · c5d5c5b6
Commit c5d5c5b6 authored Nov 07, 2007 by Juan Lang Committed by Alexandre Julliard Nov 08, 2007
Hide whitespace changes
Inline Side-by-side

Showing with 7 additions and 1 deletion

decode.c dlls/crypt32/decode.c +6 -0

encode.c dlls/crypt32/tests/encode.c +1 -1

No files found.
--- a/dlls/crypt32/decode.c
+++ b/dlls/crypt32/decode.c
@@ -1065,6 +1065,12 @@ static BOOL CRYPT_AsnDecodeCRLEntry(const BYTE *pbEncoded, DWORD cbEncoded,
    ret = CRYPT_AsnDecodeSequence(items, sizeof(items) / sizeof(items[0]),
     pbEncoded, cbEncoded, dwFlags, NULL, entry, pcbStructInfo, pcbDecoded,
     entry ? entry->SerialNumber.pbData : NULL);
+    if (ret && entry && !entry->SerialNumber.cbData)
+    {
+        WARN("empty CRL entry serial number\n");
+        SetLastError(CRYPT_E_ASN1_CORRUPT);
+        ret = FALSE;
+    }
    return ret;
 }

--- a/dlls/crypt32/tests/encode.c
+++ b/dlls/crypt32/tests/encode.c
@@ -4269,7 +4269,7 @@ static void test_decodeCRLToBeSigned(DWORD dwEncoding)
    ret = CryptDecodeObjectEx(dwEncoding, X509_CERT_CRL_TO_BE_SIGNED,
     v1CRLWithIssuerAndEmptyEntry, v1CRLWithIssuerAndEmptyEntry[1] + 2,
     CRYPT_DECODE_ALLOC_FLAG, NULL, (BYTE *)&buf, &size);
-    todo_wine ok(!ret && GetLastError() == CRYPT_E_ASN1_CORRUPT,
+    ok(!ret && GetLastError() == CRYPT_E_ASN1_CORRUPT,
     "Expected CRYPT_E_ASN1_CORRUPT, got %08x\n", GetLastError());
    /* with a real CRL entry */
    ret = CryptDecodeObjectEx(dwEncoding, X509_CERT_CRL_TO_BE_SIGNED,