From 370ffa0d149d366cfcc9f544dd182b8b3592d708 Mon Sep 17 00:00:00 2001
From: Hans Leidekker <hans@codeweavers.com>
Date: Mon, 17 Dec 2018 09:47:58 +0100
Subject: [PATCH] bcrypt: Clear magic bytes on destroy.

Based on a patch by Steven Noonan.

Signed-off-by: Hans Leidekker <hans@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
---
 dlls/bcrypt/bcrypt_main.c  |  5 ++++-
 dlls/bcrypt/tests/bcrypt.c | 15 +++++++++++++++
 2 files changed, 19 insertions(+), 1 deletion(-)

diff --git a/dlls/bcrypt/bcrypt_main.c b/dlls/bcrypt/bcrypt_main.c
index 0c68a4f3e6c..c236491ca69 100644
--- a/dlls/bcrypt/bcrypt_main.c
+++ b/dlls/bcrypt/bcrypt_main.c
@@ -214,6 +214,7 @@ NTSTATUS WINAPI BCryptCloseAlgorithmProvider( BCRYPT_ALG_HANDLE handle, DWORD fl
     TRACE( "%p, %08x\n", handle, flags );
 
     if (!alg || alg->hdr.magic != MAGIC_ALG) return STATUS_INVALID_HANDLE;
+    alg->hdr.magic = 0;
     heap_free( alg );
     return STATUS_SUCCESS;
 }
@@ -672,7 +673,8 @@ NTSTATUS WINAPI BCryptDestroyHash( BCRYPT_HASH_HANDLE handle )
 
     TRACE( "%p\n", handle );
 
-    if (!hash || hash->hdr.magic != MAGIC_HASH) return STATUS_INVALID_HANDLE;
+    if (!hash || hash->hdr.magic != MAGIC_HASH) return STATUS_INVALID_PARAMETER;
+    hash->hdr.magic = 0;
     heap_free( hash );
     return STATUS_SUCCESS;
 }
@@ -1265,6 +1267,7 @@ NTSTATUS WINAPI BCryptDestroyKey( BCRYPT_KEY_HANDLE handle )
     TRACE( "%p\n", handle );
 
     if (!key || key->hdr.magic != MAGIC_KEY) return STATUS_INVALID_HANDLE;
+    key->hdr.magic = 0;
     return key_destroy( key );
 }
 
diff --git a/dlls/bcrypt/tests/bcrypt.c b/dlls/bcrypt/tests/bcrypt.c
index c3f8f3d78af..5240c3bafb3 100644
--- a/dlls/bcrypt/tests/bcrypt.c
+++ b/dlls/bcrypt/tests/bcrypt.c
@@ -293,6 +293,12 @@ static void test_hash(const struct hash_test *test)
     ret = pBCryptDestroyHash(hash);
     ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
 
+    ret = pBCryptDestroyHash(hash);
+    ok(ret == STATUS_INVALID_PARAMETER, "got %08x\n", ret);
+
+    ret = pBCryptDestroyHash(NULL);
+    ok(ret == STATUS_INVALID_PARAMETER, "got %08x\n", ret);
+
     ret = pBCryptCloseAlgorithmProvider(alg, 0);
     ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
 }
@@ -1415,8 +1421,17 @@ static void test_BCryptDecrypt(void)
     ok(ret == STATUS_INVALID_HANDLE, "got %08x\n", ret);
     HeapFree(GetProcessHeap(), 0, buf);
 
+    ret = pBCryptDestroyKey(NULL);
+    ok(ret == STATUS_INVALID_HANDLE, "got %08x\n", ret);
+
     ret = pBCryptCloseAlgorithmProvider(aes, 0);
     ok(ret == STATUS_SUCCESS, "got %08x\n", ret);
+
+    ret = pBCryptCloseAlgorithmProvider(aes, 0);
+    ok(ret == STATUS_INVALID_HANDLE, "got %08x\n", ret);
+
+    ret = pBCryptCloseAlgorithmProvider(NULL, 0);
+    ok(ret == STATUS_INVALID_HANDLE, "got %08x\n", ret);
 }
 
 static void test_key_import_export(void)