Can I get a dump of the context of that call? Where is it getting called? Trying to figure out how the poisoned parameters are getting delivered.
OK, this explains the call to ChainComparePublicKeyParametersAndBytes() in ChainGetSubjectStatus():pic.twitter.com/73kigQtgw9
-
-
-
ChainComparePublicKeyParametersAndBytes used to just be a memcmp before the patch. Same with any calls to IsRootEntryMatch. Both new functions.
- Još 1 odgovor
Novi razgovor -
-
-
Tweet je nedostupan.
-
yes, crypt32.dll version 10.0.17763.973 (diffed on windows 10 1809)
- Još 1 odgovor
-
-
-
what's the context to this code? is this the code that's called when Windows tries to verify a root CA?
-
At least one way to hit this code path is from WinVerifyTrust(), ie run sigcheck c:\windows\explorer.exe ->pic.twitter.com/9p6cUu16WA
Kraj razgovora
Novi razgovor -
Čini se da učitavanje traje već neko vrijeme.
Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.