[Webkit-unassigned] [Bug 46450] Add Windows implementation of PlatformCertificateInfo
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Fri Sep 24 07:46:02 PDT 2010
https://bugs.webkit.org/show_bug.cgi?id=46450
Adam Roben (aroben) <aroben at apple.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Attachment #68653|review? |review+
Flag| |
--- Comment #3 from Adam Roben (aroben) <aroben at apple.com> 2010-09-24 07:46:02 PST ---
(From update of attachment 68653)
View in context: https://bugs.webkit.org/attachment.cgi?id=68653&action=review
> WebKit2/Shared/win/PlatformCertificateInfo.cpp:54
> + RetainPtr<CFDictionaryRef> certificateInfo = wkGetSSLCertificateInfo(cfResponse);
> + if (!certificateInfo)
> + return;
Why the RetainPtr? There's no need to retain/release the dictionary in this function.
> WebKit2/Shared/win/PlatformCertificateInfo.cpp:60
> + m_certificateContext = CertDuplicateCertificateContext((PCCERT_CONTEXT)data);
static_cast would be nicer.
Seems like this file needs a sprinkling of :: on the CryptoAPI calls.
> WebKit2/Shared/win/PlatformCertificateInfo.cpp:118
> + nameSize = CertGetNameString(certificate, dwType, 0, pvTypePara, 0, 0);
> + if (!nameSize)
> + return 0;
> + OwnArrayPtr<WCHAR> name(new WCHAR[nameSize - 1]);
> + CertGetNameString(certificate, dwType, 0, pvTypePara, name.get(), nameSize);
I think you're causing a buffer overrun here. You're telling CertGetNameString that the buffer is nameSize characters long, but it's only nameSize - 1 characters long!
You should also use ::CertGetNameStringW.
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list