From 4fa4d6d22708231a51bdff93ef3220aa95b6fc80 Mon Sep 17 00:00:00 2001
From: Mounir IDRASSI <mounir.idrassi@idrix.fr>
Date: Sun, 31 Aug 2014 23:56:37 +0200
Subject: Windows vulnerability fix: correct possible BSOD attack targeted
 towards GetWipePassCount() / WipeBuffer() found by the Open Crypto Audit
 Project.

---
 src/Common/BootEncryption.cpp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'src/Common/BootEncryption.cpp')

diff --git a/src/Common/BootEncryption.cpp b/src/Common/BootEncryption.cpp
index e57a434e..9f848fc7 100644
--- a/src/Common/BootEncryption.cpp
+++ b/src/Common/BootEncryption.cpp
@@ -2064,7 +2064,7 @@ namespace VeraCrypt
 	{
 		BootEncryptionStatus encStatus = GetStatus();
 
-		if (encStatus.SetupInProgress)
+		if (encStatus.SetupInProgress || (wipePassCount <= 0))
 			throw ParameterIncorrect (SRC_POS);
 
 		SystemDriveConfiguration config = GetSystemDriveConfiguration ();
-- 
cgit v1.2.3