From 41fc10e513238eb7448f308eab9d3852da3f21c2 Mon Sep 17 00:00:00 2001 From: chris_bednarski Date: Wed, 2 Aug 2023 19:39:25 +1000 Subject: [PATCH] fix stack corruption around cbdata when adding a machine certificate --- src/ext/Iis/ca/scacertexec.cpp | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/ext/Iis/ca/scacertexec.cpp b/src/ext/Iis/ca/scacertexec.cpp index 95870c79b..352644afe 100644 --- a/src/ext/Iis/ca/scacertexec.cpp +++ b/src/ext/Iis/ca/scacertexec.cpp @@ -154,7 +154,7 @@ static HRESULT ExecuteCertificateOperation( LPWSTR pwzPFXPassword = NULL; LPWSTR pwzFilePath = NULL; BYTE* pbData = NULL; - DWORD cbData = 0; + DWORD_PTR cbData = 0; DWORD_PTR cbPFXPassword = 0; BOOL fUserStoreLocation = (CERT_SYSTEM_STORE_CURRENT_USER == dwStoreLocation); @@ -174,7 +174,7 @@ static HRESULT ExecuteCertificateOperation( ExitOnFailure(hr, "Failed to parse certificate attribute"); if (SCA_ACTION_INSTALL == saAction) // install operations need more data { - hr = WcaReadStreamFromCaData(&pwz, &pbData, (DWORD_PTR*)&cbData); + hr = WcaReadStreamFromCaData(&pwz, &pbData, &cbData); ExitOnFailure(hr, "Failed to parse certificate stream."); hr = WcaReadStringFromCaData(&pwz, &pwzPFXPassword); @@ -192,7 +192,7 @@ static HRESULT ExecuteCertificateOperation( // CertAddCertificateContextToStore(CERT_STORE_ADD_REPLACE_EXISTING) does not remove the private key if the cert is replaced UninstallCertificatePackage(hCertStore, fUserStoreLocation, pwzName); - hr = InstallCertificatePackage(hCertStore, fUserStoreLocation, pwzName, pbData, cbData, iAttributes & SCA_CERT_ATTRIBUTE_VITAL, pwzPFXPassword); + hr = InstallCertificatePackage(hCertStore, fUserStoreLocation, pwzName, pbData, (DWORD)cbData, iAttributes & SCA_CERT_ATTRIBUTE_VITAL, pwzPFXPassword); ExitOnFailure(hr, "Failed to install certificate."); } else