cryptnet: Don't access URL cache entry before it's been read.

da605a93 · Juan Lang · Alexandre Julliard · f50b2c23 · da605a93
Commit da605a93 authored Oct 03, 2008 by Juan Lang Committed by Alexandre Julliard Oct 08, 2008
Hide whitespace changes
Inline Side-by-side

Showing with 33 additions and 28 deletions

cryptnet_main.c dlls/cryptnet/cryptnet_main.c +33 -28

No files found.
--- a/dlls/cryptnet/cryptnet_main.c
+++ b/dlls/cryptnet/cryptnet_main.c
@@ -405,52 +405,57 @@ static BOOL CRYPT_GetObjectFromCache(LPCWSTR pszURL, PCRYPT_BLOB_ARRAY pObject,
 PCRYPT_RETRIEVE_AUX_INFO pAuxInfo)
 {
    BOOL ret = FALSE;
-    INTERNET_CACHE_ENTRY_INFOW cacheInfo = { sizeof(cacheInfo), 0 };
+    INTERNET_CACHE_ENTRY_INFOW *pCacheInfo = NULL;
-    DWORD size = sizeof(cacheInfo);
+    DWORD size = 0;
    TRACE("(%s, %p, %p)\n", debugstr_w(pszURL), pObject, pAuxInfo);
-    if (GetUrlCacheEntryInfoW(pszURL, &cacheInfo, &size) ||
+    ret = GetUrlCacheEntryInfoW(pszURL, NULL, &size);
-     GetLastError() == ERROR_INSUFFICIENT_BUFFER)
+    if (!ret && GetLastError() == ERROR_INSUFFICIENT_BUFFER)
+    {
+        pCacheInfo = CryptMemAlloc(size);
+        if (pCacheInfo)
+            ret = TRUE;
+        else
+            SetLastError(ERROR_OUTOFMEMORY);
+    }
+    if (ret && (ret = GetUrlCacheEntryInfoW(pszURL, pCacheInfo, &size)))
    {
        FILETIME ft;
        GetSystemTimeAsFileTime(&ft);
-        if (CompareFileTime(&cacheInfo.ExpireTime, &ft) >= 0)
+        if (CompareFileTime(&pCacheInfo->ExpireTime, &ft) >= 0)
        {
-            LPINTERNET_CACHE_ENTRY_INFOW pCacheInfo = CryptMemAlloc(size);
+            HANDLE hFile = CreateFileW(pCacheInfo->lpszLocalFileName,
+             GENERIC_READ, 0, NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL);
-            if (pCacheInfo)
+            if (hFile != INVALID_HANDLE_VALUE)
            {
-                if (GetUrlCacheEntryInfoW(pszURL, pCacheInfo, &size))
+                if ((ret = CRYPT_GetObjectFromFile(hFile, pObject)))
                {
-                    HANDLE hFile = CreateFileW(pCacheInfo->lpszLocalFileName,
+                    if (pAuxInfo && pAuxInfo->cbSize >=
-                     GENERIC_READ, 0, NULL, OPEN_EXISTING,
+                     offsetof(CRYPT_RETRIEVE_AUX_INFO,
-                     FILE_ATTRIBUTE_NORMAL, NULL);
+                     pLastSyncTime) + sizeof(PFILETIME) &&
+                     pAuxInfo->pLastSyncTime)
-                    if (hFile != INVALID_HANDLE_VALUE)
+                        memcpy(pAuxInfo->pLastSyncTime,
-                    {
+                         &pCacheInfo->LastSyncTime,
-                        if ((ret = CRYPT_GetObjectFromFile(hFile, pObject)))
+                         sizeof(FILETIME));
-                        {
-                            if (pAuxInfo && pAuxInfo->cbSize >=
-                             offsetof(CRYPT_RETRIEVE_AUX_INFO,
-                             pLastSyncTime) + sizeof(PFILETIME) &&
-                             pAuxInfo->pLastSyncTime)
-                                memcpy(pAuxInfo->pLastSyncTime,
-                                 &pCacheInfo->LastSyncTime,
-                                 sizeof(FILETIME));
-                        }
-                        CloseHandle(hFile);
-                    }
                }
-                CryptMemFree(pCacheInfo);
+                CloseHandle(hFile);
            }
            else
-                SetLastError(ERROR_OUTOFMEMORY);
+            {
+                DeleteUrlCacheEntryW(pszURL);
+                ret = FALSE;
+            }
        }
        else
+        {
            DeleteUrlCacheEntryW(pszURL);
+            ret = FALSE;
+        }
    }
+    CryptMemFree(pCacheInfo);
    TRACE("returning %d\n", ret);
    return ret;
 }