- Merged fixes 1394 and 1395 from trunk to PolarSSL 1.2 branch
diff --git a/library/x509parse.c b/library/x509parse.c
index ab633be..843dba7 100644
--- a/library/x509parse.c
+++ b/library/x509parse.c
@@ -60,9 +60,7 @@
#if defined(POLARSSL_FS_IO)
#include <stdio.h>
-#if defined(_WIN32)
-#include <strsafe.h>
-#else
+#if !defined(_WIN32)
#include <sys/types.h>
#include <dirent.h>
#endif
@@ -1878,50 +1876,55 @@
WCHAR szDir[MAX_PATH];
char filename[MAX_PATH];
char *p;
+ int len = strlen( path );
WIN32_FIND_DATA file_data;
HANDLE hFind;
- DWORD dwError = 0;
+
+ if( len > MAX_PATH - 3 )
+ return( POLARSSL_ERR_X509_INVALID_INPUT );
memset( szDir, 0, sizeof(szDir) );
memset( filename, 0, MAX_PATH );
- memcpy( filename, path, strlen( path ) );
- filename[strlen( path )] = '\\';
- p = filename + strlen( path ) + 1;
+ memcpy( filename, path, len );
+ filename[len++] = '\\';
+ p = filename + len;
+ filename[len++] = '*';
- w_ret = MultiByteToWideChar( CP_ACP, 0, path, strlen(path), szDir, MAX_PATH - 3 );
-
- StringCchCopyW(szDir, MAX_PATH, szDir);
- StringCchCatW(szDir, MAX_PATH, TEXT("\\*"));
+ w_ret = MultiByteToWideChar( CP_ACP, 0, path, len, szDir, MAX_PATH - 3 );
hFind = FindFirstFile( szDir, &file_data );
if (hFind == INVALID_HANDLE_VALUE)
return( POLARSSL_ERR_X509_FILE_IO_ERROR );
+ len = MAX_PATH - len;
do
{
- memset( p, 0, filename + MAX_PATH - p - 1 );
+ memset( p, 0, len );
if( file_data.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY )
continue;
w_ret = WideCharToMultiByte( CP_ACP, 0, file_data.cFileName,
lstrlenW(file_data.cFileName),
- p,
- filename + MAX_PATH - p - 2, NULL, NULL );
+ p, len - 1,
+ NULL, NULL );
w_ret = x509parse_crtfile( chain, filename );
if( w_ret < 0 )
- return( w_ret );
+ {
+ ret = w_ret;
+ goto cleanup;
+ }
ret += w_ret;
}
while( FindNextFile( hFind, &file_data ) != 0 );
- dwError = GetLastError();
- if (dwError != ERROR_NO_MORE_FILES)
- return( POLARSSL_ERR_X509_FILE_IO_ERROR );
+ if (GetLastError() != ERROR_NO_MORE_FILES)
+ ret = POLARSSL_ERR_X509_FILE_IO_ERROR;
+cleanup:
FindClose( hFind );
#else
int t_ret;