fix stack corruption around cbdata when adding a machine certificate

author: chris_bednarski <Chris.Bednarski@minfos.com.au> 2023-08-02 19:39:25 +1000
committer: Rob Mensching <rob@firegiant.com> 2023-08-07 13:35:40 -0700
commit: 023aa61a85c4ae6683f4858bfe76d1990ec63816 (patch)
tree: 5e554667d285c1e139bc87a008ccc55a1754ac57
parent: 3d9737dca609345599079c0a378e80c0a1a9cd5f (diff)
download: wix-023aa61a85c4ae6683f4858bfe76d1990ec63816.tar.gz
wix-023aa61a85c4ae6683f4858bfe76d1990ec63816.tar.bz2
wix-023aa61a85c4ae6683f4858bfe76d1990ec63816.zip
1 files changed, 3 insertions, 3 deletions
diff --git a/src/ext/Iis/ca/scacertexec.cpp b/src/ext/Iis/ca/scacertexec.cpp
index 95870c79..352644af 100644
--- a/src/ext/Iis/ca/scacertexec.cpp
+++ b/src/ext/Iis/ca/scacertexec.cpp
@@ -154,7 +154,7 @@ static HRESULT ExecuteCertificateOperation(
    LPWSTR pwzPFXPassword = NULL;
    LPWSTR pwzFilePath = NULL;
    BYTE* pbData = NULL;
-    DWORD cbData = 0;
+    DWORD_PTR cbData = 0;
    DWORD_PTR cbPFXPassword = 0;
    BOOL fUserStoreLocation = (CERT_SYSTEM_STORE_CURRENT_USER == dwStoreLocation);
@@ -174,7 +174,7 @@ static HRESULT ExecuteCertificateOperation(
    ExitOnFailure(hr, "Failed to parse certificate attribute");
    if (SCA_ACTION_INSTALL == saAction) // install operations need more data
    {
-        hr = WcaReadStreamFromCaData(&pwz, &pbData, (DWORD_PTR*)&cbData);
+        hr = WcaReadStreamFromCaData(&pwz, &pbData, &cbData);
        ExitOnFailure(hr, "Failed to parse certificate stream.");
        hr = WcaReadStringFromCaData(&pwz, &pwzPFXPassword);
@@ -192,7 +192,7 @@ static HRESULT ExecuteCertificateOperation(
        // CertAddCertificateContextToStore(CERT_STORE_ADD_REPLACE_EXISTING) does not remove the private key if the cert is replaced
        UninstallCertificatePackage(hCertStore, fUserStoreLocation, pwzName);
-        hr = InstallCertificatePackage(hCertStore, fUserStoreLocation, pwzName, pbData, cbData, iAttributes & SCA_CERT_ATTRIBUTE_VITAL, pwzPFXPassword);
+        hr = InstallCertificatePackage(hCertStore, fUserStoreLocation, pwzName, pbData, (DWORD)cbData, iAttributes & SCA_CERT_ATTRIBUTE_VITAL, pwzPFXPassword);
        ExitOnFailure(hr, "Failed to install certificate.");
    }
    else
author	chris_bednarski <Chris.Bednarski@minfos.com.au>	2023-08-02 19:39:25 +1000
committer	Rob Mensching <rob@firegiant.com>	2023-08-07 13:35:40 -0700
commit	023aa61a85c4ae6683f4858bfe76d1990ec63816 (patch)
tree	5e554667d285c1e139bc87a008ccc55a1754ac57
parent	3d9737dca609345599079c0a378e80c0a1a9cd5f (diff)
download	wix-023aa61a85c4ae6683f4858bfe76d1990ec63816.tar.gz wix-023aa61a85c4ae6683f4858bfe76d1990ec63816.tar.bz2 wix-023aa61a85c4ae6683f4858bfe76d1990ec63816.zip

diff --git a/src/ext/Iis/ca/scacertexec.cpp b/src/ext/Iis/ca/scacertexec.cpp index 95870c79..352644af 100644 --- a/src/ext/Iis/ca/scacertexec.cpp +++ b/src/ext/Iis/ca/scacertexec.cpp
@@ -154,7 +154,7 @@ static HRESULT ExecuteCertificateOperation(
154	LPWSTR pwzPFXPassword = NULL;	154	LPWSTR pwzPFXPassword = NULL;
155	LPWSTR pwzFilePath = NULL;	155	LPWSTR pwzFilePath = NULL;
156	BYTE* pbData = NULL;	156	BYTE* pbData = NULL;
157	DWORD cbData = 0;	157	DWORD_PTR cbData = 0;
158	DWORD_PTR cbPFXPassword = 0;	158	DWORD_PTR cbPFXPassword = 0;
159		159
160	BOOL fUserStoreLocation = (CERT_SYSTEM_STORE_CURRENT_USER == dwStoreLocation);	160	BOOL fUserStoreLocation = (CERT_SYSTEM_STORE_CURRENT_USER == dwStoreLocation);
@@ -174,7 +174,7 @@ static HRESULT ExecuteCertificateOperation(
174	ExitOnFailure(hr, "Failed to parse certificate attribute");	174	ExitOnFailure(hr, "Failed to parse certificate attribute");
175	if (SCA_ACTION_INSTALL == saAction) // install operations need more data	175	if (SCA_ACTION_INSTALL == saAction) // install operations need more data
176	{	176	{
177	hr = WcaReadStreamFromCaData(&pwz, &pbData, (DWORD_PTR*)&cbData);	177	hr = WcaReadStreamFromCaData(&pwz, &pbData, &cbData);
178	ExitOnFailure(hr, "Failed to parse certificate stream.");	178	ExitOnFailure(hr, "Failed to parse certificate stream.");
179		179
180	hr = WcaReadStringFromCaData(&pwz, &pwzPFXPassword);	180	hr = WcaReadStringFromCaData(&pwz, &pwzPFXPassword);
@@ -192,7 +192,7 @@ static HRESULT ExecuteCertificateOperation(
192	// CertAddCertificateContextToStore(CERT_STORE_ADD_REPLACE_EXISTING) does not remove the private key if the cert is replaced	192	// CertAddCertificateContextToStore(CERT_STORE_ADD_REPLACE_EXISTING) does not remove the private key if the cert is replaced
193	UninstallCertificatePackage(hCertStore, fUserStoreLocation, pwzName);	193	UninstallCertificatePackage(hCertStore, fUserStoreLocation, pwzName);
194		194
195	hr = InstallCertificatePackage(hCertStore, fUserStoreLocation, pwzName, pbData, cbData, iAttributes & SCA_CERT_ATTRIBUTE_VITAL, pwzPFXPassword);	195	hr = InstallCertificatePackage(hCertStore, fUserStoreLocation, pwzName, pbData, (DWORD)cbData, iAttributes & SCA_CERT_ATTRIBUTE_VITAL, pwzPFXPassword);
196	ExitOnFailure(hr, "Failed to install certificate.");	196	ExitOnFailure(hr, "Failed to install certificate.");
197	}	197	}
198	else	198	else