projects / platform / upstream / dotnet / runtime.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: e3fac16)
Fix clearing of stackallocs in X509Certificates
authorStephen Toub <stoub@microsoft.com>
Mon, 7 Jan 2019 01:40:44 +0000 (20:40 -0500)
committerStephen Toub <stoub@microsoft.com>
Tue, 8 Jan 2019 14:49:59 +0000 (09:49 -0500)
Commit migrated from https://github.com/dotnet/corefx/commit/0b7d7dfbc34c10ec229d759f8c7a3a653cac99c2

src/libraries/System.Security.Cryptography.X509Certificates/src/Internal/Cryptography/Pal.Windows/Native/Helpers.cs patch | blob | history

diff --git a/src/libraries/System.Security.Cryptography.X509Certificates/src/Internal/Cryptography/Pal.Windows/Native/Helpers.cs b/src/libraries/System.Security.Cryptography.X509Certificates/src/Internal/Cryptography/Pal.Windows/Native/Helpers.cs
index c9c192c..f32083b 100644 (file)
--- a/src/libraries/System.Security.Cryptography.X509Certificates/src/Internal/Cryptography/Pal.Windows/Native/Helpers.cs
+++ b/src/libraries/System.Security.Cryptography.X509Certificates/src/Internal/Cryptography/Pal.Windows/Native/Helpers.cs
@@ -85,6 +85,7 @@ namespace Internal.Cryptography.Pal.Native
                     throw Marshal.GetLastWin32Error().ToCryptographicException();
 
                 byte* decoded = stackalloc byte[cb];
+                new Span<byte>(decoded, cb).Clear();
                 if (!Interop.crypt32.CryptDecodeObjectPointer(CertEncodingType.All, lpszStructType, encoded, encoded.Length, CryptDecodeObjectFlags.None, (byte*)decoded, ref cb))
                     throw Marshal.GetLastWin32Error().ToCryptographicException();
 
@@ -102,6 +103,7 @@ namespace Internal.Cryptography.Pal.Native
                     throw Marshal.GetLastWin32Error().ToCryptographicException();
 
                 byte* decoded = stackalloc byte[cb];
+                new Span<byte>(decoded, cb).Clear();
                 if (!Interop.crypt32.CryptDecodeObjectPointer(CertEncodingType.All, lpszStructType, encoded, encoded.Length, CryptDecodeObjectFlags.None, (byte*)decoded, ref cb))
                     throw Marshal.GetLastWin32Error().ToCryptographicException();
 
@@ -119,6 +121,7 @@ namespace Internal.Cryptography.Pal.Native
                     return false;
 
                 byte* decoded = stackalloc byte[cb];
+                new Span<byte>(decoded, cb).Clear();
                 if (!Interop.crypt32.CryptDecodeObjectPointer(CertEncodingType.All, lpszStructType, encoded, encoded.Length, CryptDecodeObjectFlags.None, (byte*)decoded, ref cb))
                     return false;
 
Domain: Dotnet / Core;