Commit d245e797 authored by Rob Shearman's avatar Rob Shearman Committed by Alexandre Julliard

advapi32: Make sure not to return a credential with a NULL UserName field when a…

advapi32: Make sure not to return a credential with a NULL UserName field when a Mac Keychain doesn't have an account name attribute.
parent 99c27e7d
...@@ -250,6 +250,7 @@ static DWORD mac_read_credential_from_item(SecKeychainItemRef item, BOOL require ...@@ -250,6 +250,7 @@ static DWORD mac_read_credential_from_item(SecKeychainItemRef item, BOOL require
void *cred_blob; void *cred_blob;
LPWSTR domain = NULL; LPWSTR domain = NULL;
LPWSTR user = NULL; LPWSTR user = NULL;
BOOL user_name_present = FALSE;
SecKeychainAttributeInfo info; SecKeychainAttributeInfo info;
SecKeychainAttributeList *attr_list; SecKeychainAttributeList *attr_list;
UInt32 info_tags[] = { kSecServerItemAttr, kSecSecurityDomainItemAttr, kSecAccountItemAttr, UInt32 info_tags[] = { kSecServerItemAttr, kSecSecurityDomainItemAttr, kSecAccountItemAttr,
...@@ -269,6 +270,19 @@ static DWORD mac_read_credential_from_item(SecKeychainItemRef item, BOOL require ...@@ -269,6 +270,19 @@ static DWORD mac_read_credential_from_item(SecKeychainItemRef item, BOOL require
WARN("SecKeychainItemCopyAttributesAndData returned status %ld\n", status); WARN("SecKeychainItemCopyAttributesAndData returned status %ld\n", status);
return ERROR_NOT_FOUND; return ERROR_NOT_FOUND;
} }
for (i = 0; i < attr_list->count; i++)
if (attr_list->attr[i].tag == kSecAccountItemAttr && attr_list->attr[i].data)
{
user_name_present = TRUE;
break;
}
if (!user_name_present)
{
WARN("no kSecAccountItemAttr for item\n");
return ERROR_NOT_FOUND;
}
if (buffer) if (buffer)
{ {
credential->Flags = 0; credential->Flags = 0;
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment