From 4fa4d6d22708231a51bdff93ef3220aa95b6fc80 Mon Sep 17 00:00:00 2001
From: Mounir IDRASSI
Date: Sun, 31 Aug 2014 23:56:37 +0200
Subject: Windows vulnerability fix: correct possible BSOD attack targeted towards GetWipePassCount() / WipeBuffer() found by the Open Crypto Audit Project.

---
 src/Common/Password.c | 7 +++++++
 1 file changed, 7 insertions(+)

(limited to 'src/Common/Password.c')

diff --git a/src/Common/Password.c b/src/Common/Password.c
index c23bd4fa..b1fa83ef 100644
--- a/src/Common/Password.c
+++ b/src/Common/Password.c
@@ -143,6 +143,13 @@ int ChangePwd (const char *lpszVolume, Password *oldPassword, Password *newPassw
 if (oldPassword->Length == 0 || newPassword->Length == 0)
 return -1;
 
+ if (wipePassCount <= 0)
+ {
+ nStatus = ERR_PARAMETER_INCORRECT;
+ handleError (hwndDlg, nStatus);
+ return nStatus;
+ }
+
 if (!lpszVolume)
 {
 nStatus = ERR_OUTOFMEMORY;
-- 
cgit v1.2.3
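Review bot: The new `wipePassCount <= 0` guard in ChangePwd has no comment explaining why a non-positive count must be refused, and it validates the value only at this one call site. The subject names GetWipePassCount() / WipeBuffer() as the affected path, so the same rejection presumably belongs wherever a pass count is handed to the wipe routines, and ideally in the callee itself. This page is limited to src/Common/Password.c, so whether the commit covers other callers cannot be confirmed from here. I would add above the check `/* A non-positive wipe pass count is invalid; fail here so it never reaches the wipe routines (Open Crypto Audit Project finding). */`. The neighbouring password-length check returns a bare `-1` without calling handleError, while this one reports ERR_PARAMETER_INCORRECT, so callers see two error conventions; ChangePwd's body starts and ends outside the hunk.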