alex1234 0 Posted June 4, 2023

There is a bug in OverbyteIcsSspi.pas. Incorrect definition of

    DECRYPT_MESSAGE_FN = function(phContext: PCtxtHandle; pMessage: PSecBufferDesc;
      MessageSeqNo: Cardinal; fQOP: DWORD): SECURITY_STATUS;

fQOP is not a DWORD, it's a PULONG - pointer to DWORD.

https://learn.microsoft.com/en-us/windows/win32/secauthn/decryptmessage--negotiate

Such an incorrect call may lead to access violation errors or data corruption. I think it should be defined like

    DECRYPT_MESSAGE_FN = function(phContext: PCtxtHandle; pMessage: PSecBufferDesc;
      MessageSeqNo: Cardinal; var fQOP: DWORD): SECURITY_STATUS;

or

    DECRYPT_MESSAGE_FN = function(phContext: PCtxtHandle; pMessage: PSecBufferDesc;
      MessageSeqNo: Cardinal; fQOP: PULONG): SECURITY_STATUS;

Angus Robertson 577 Posted June 5, 2023

Thanks, this was fixed last week when you reported it by email, it will be in SVN in a day or two. However, ICS does not use DECRYPT_MESSAGE_FN.

Angus

alex1234 0 Posted June 5, 2023

Thank you. François said it's better to post bug reports here so I posted a copy here.

> However, ICS does not use DECRYPT_MESSAGE_FN

Yes, but someone can use this module for their own code (like me :). And sometimes this code may work, sometimes throw errors.

Alex

alex1234 0 Posted July 15, 2023

I think I found another bug in this module.

    type ULONG_PTR = Longword;
    type _SecHandle = packed record
      dwLower : ULONG_PTR;
      dwUpper : ULONG_PTR;
    end;

This will lead to problems in x64 mode. Should be

    type ULONG_PTR = NativeUInt;

OR something like

    type
    {$IF (defined(CPUX64) or defined(CPU64BITS) or defined(CPUARM64))}
      ULONG_PTR = UInt64;
    {$else}
      ULONG_PTR = Longword;
    {$endif}

Alex

Angus Robertson 577 Posted July 15, 2023

Thanks, I'll fix it next week.

Angus

Fr0sT.Brutal 900 Posted July 18, 2023

On 7/15/2023 at 2:37 PM, alex1234 said:

> type
> {$IF (defined(CPUX64) or defined(CPU64BITS) or defined(CPUARM64))}
>   ULONG_PTR = UInt64;
> {$else}
>   ULONG_PTR = Longword;
> {$endif}

Better to check if NativeUInt is declared

Angus Robertson 577 Posted July 18, 2023

ULONG_PTR should not have been declared in the SSPI unit, we have a Types unit that collects together backward compatible types and already had ULONG_PTR.

Angus
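
Added example, not part of the thread and not ICS code: a Delphi console program that declares the two items discussed above the way the Windows SDK headers do (the QOP argument as a pointer, ULONG_PTR pointer-sized), fails the build if the handle layout is wrong, and makes one call through the corrected function type. The T-prefixed type names, the program name and the zeroed context handle are assumptions of this example.

```delphi
program SspiDeclCheck;
{$APPTYPE CONSOLE}
// Added example, not ICS code. On XE2+ without unit scope names configured,
// use Winapi.Windows and System.SysUtils instead.
uses Windows, SysUtils;

type
  SECURITY_STATUS = Longint;
  ULONG_PTR = NativeUInt;              // pointer-sized on Win32 and Win64
  TSecHandle = record                  // C: struct { ULONG_PTR dwLower, dwUpper; }
    dwLower, dwUpper: ULONG_PTR;
  end;
  PCtxtHandle = ^TSecHandle;
  TSecBuffer = record
    cbBuffer, BufferType: Cardinal;
    pvBuffer: Pointer;
  end;
  TSecBufferDesc = record
    ulVersion, cBuffers: Cardinal;
    pBuffers: ^TSecBuffer;
  end;
  PSecBufferDesc = ^TSecBufferDesc;
  // pfQOP is an out parameter: the security package writes a ULONG through it.
  TDecryptMessageFn = function(phContext: PCtxtHandle; pMessage: PSecBufferDesc;
    MessageSeqNo: Cardinal; pfQOP: PCardinal): SECURITY_STATUS; stdcall;

// Break the build if the handle is not exactly two pointers wide.
{$IF SizeOf(TSecHandle) <> 2 * SizeOf(Pointer)}
  {$MESSAGE FATAL 'TSecHandle does not match the SDK SecHandle layout'}
{$IFEND}

var
  Lib: HMODULE; DecryptMsg: TDecryptMessageFn;
  Ctx: TSecHandle; Buf: TSecBuffer; Desc: TSecBufferDesc;
  Qop: Cardinal; Status: SECURITY_STATUS;
begin
  Lib := LoadLibrary('secur32.dll');
  if Lib = 0 then Halt(1);
  @DecryptMsg := GetProcAddress(Lib, 'DecryptMessage');
  if not Assigned(DecryptMsg) then Halt(1);
  FillChar(Ctx, SizeOf(Ctx), 0);       // zeroed handle: the call is expected to fail
  FillChar(Buf, SizeOf(Buf), 0);
  Desc.ulVersion := 0;                 // SECBUFFER_VERSION
  Desc.cBuffers := 1;
  Desc.pBuffers := @Buf;
  Qop := 0;
  Status := DecryptMsg(@Ctx, @Desc, 0, @Qop);   // address of Qop, not its value
  Writeln(Format('status=0x%.8x qop=%d handle=%d bytes',
    [Cardinal(Status), Qop, SizeOf(Ctx)]));
  FreeLibrary(Lib);
end.
```

Built for Win64, the same source reports a 16-byte handle; with ULONG_PTR declared as Longword the `{$IF}` guard stops the compile instead of letting the undersized record reach the API.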