From 2784652ab880dcea82aa212096b64d39695012fc Mon Sep 17 00:00:00 2001 From: Mounir IDRASSI Date: Sun, 5 Apr 2015 22:21:59 +0200 Subject: Windows vulnerability fix: CryptAcquireContext vulnerability fix. Add checks to random generator to abort in case of error and display a diagnose message to the user. --- src/ExpandVolume/DlgExpandVolume.cpp | 5 ++++- src/ExpandVolume/ExpandVolume.c | 8 +++++++- 2 files changed, 11 insertions(+), 2 deletions(-) (limited to 'src/ExpandVolume') diff --git a/src/ExpandVolume/DlgExpandVolume.cpp b/src/ExpandVolume/DlgExpandVolume.cpp index 966650bb..db2aa9fd 100644 --- a/src/ExpandVolume/DlgExpandVolume.cpp +++ b/src/ExpandVolume/DlgExpandVolume.cpp @@ -476,7 +476,10 @@ void ExpandVolumeWizard (HWND hwndDlg, char *lpszVolume) } if (Randinit() != ERR_SUCCESS) { - nStatus = ERR_PARAMETER_INCORRECT; + if (CryptoAPILastError == ERROR_SUCCESS) + nStatus = ERR_RAND_INIT_FAILED; + else + nStatus = ERR_CAPI_INIT_FAILED; goto error; } diff --git a/src/ExpandVolume/ExpandVolume.c b/src/ExpandVolume/ExpandVolume.c index 65a3740a..1d777a11 100644 --- a/src/ExpandVolume/ExpandVolume.c +++ b/src/ExpandVolume/ExpandVolume.c @@ -602,7 +602,13 @@ static int ExpandVolume (HWND hwndDlg, char *lpszVolume, Password *pVolumePasswo } if (Randinit ()) - goto error; // note: nStatus == ERR_OS_ERROR + { + if (CryptoAPILastError == ERROR_SUCCESS) + nStatus = ERR_RAND_INIT_FAILED; + else + nStatus = ERR_CAPI_INIT_FAILED; + goto error; + } if (!bDevice && bPreserveTimestamp) { -- cgit v1.2.3