Pass DecodeObject pointer length to callback

src/System.Security.Cryptography.X509Certificates/src/Internal/Cryptography/Pal.Windows/FindPal.cs

@@ -154,8 +154,9 @@ public unsafe void FindByTemplateName(string templateName)
                             byte[] extensionRawData = pV1Template->Value.ToByteArray();
                             if (!extensionRawData.DecodeObjectNoThrow(
                                 CryptDecodeObjectStructType.X509_UNICODE_ANY_STRING,
-                                delegate(void* pvDecoded)
+                                delegate(void* pvDecoded, int cbDecoded)
                                 {
+                                    Debug.Assert(cbDecoded >= sizeof(CERT_NAME_VALUE));
                                     CERT_NAME_VALUE* pNameValue = (CERT_NAME_VALUE*)pvDecoded;
                                     string actual = Marshal.PtrToStringUni(new IntPtr(pNameValue->Value.pbData));
                                     if (templateName.Equals(actual, StringComparison.OrdinalIgnoreCase))
@@ -176,8 +177,9 @@ public unsafe void FindByTemplateName(string templateName)
                             byte[] extensionRawData = pV2Template->Value.ToByteArray();
                             if (!extensionRawData.DecodeObjectNoThrow(
                                 CryptDecodeObjectStructType.X509_CERTIFICATE_TEMPLATE,
-                                delegate(void* pvDecoded)
+                                delegate(void* pvDecoded, int cbDecoded)
                                 {
+                                    Debug.Assert(cbDecoded >= sizeof(CERT_TEMPLATE_EXT));
                                     CERT_TEMPLATE_EXT* pTemplateExt = (CERT_TEMPLATE_EXT*)pvDecoded;
                                     string actual = Marshal.PtrToStringAnsi(pTemplateExt->pszObjId);
                                     string expectedOidValue =
@@ -245,8 +247,9 @@ public unsafe void FindByCertificatePolicy(string oidValue)
                     byte[] extensionRawData = pCertExtension->Value.ToByteArray();
                     if (!extensionRawData.DecodeObjectNoThrow(
                         CryptDecodeObjectStructType.X509_CERT_POLICIES,
-                        delegate(void* pvDecoded)
+                        delegate(void* pvDecoded, int cbDecoded)
                         {
+                            Debug.Assert(cbDecoded >= sizeof(CERT_POLICIES_INFO));
                             CERT_POLICIES_INFO* pCertPoliciesInfo = (CERT_POLICIES_INFO*)pvDecoded;
                             for (int i = 0; i < pCertPoliciesInfo->cPolicyInfo; i++)
                             {

src/System.Security.Cryptography.X509Certificates/src/Internal/Cryptography/Pal.Windows/Native/Helpers.cs

@@ -73,7 +73,7 @@ public static byte[] ValueAsAscii(this Oid oid)
             return Encoding.ASCII.GetBytes(oid.Value);
         }
 
-        public unsafe delegate void DecodedObjectReceiver(void* pvDecodedObject);
+        public unsafe delegate void DecodedObjectReceiver(void* pvDecodedObject, int cbDecodedObject);
 
         public static void DecodeObject(this byte[] encoded, CryptDecodeObjectStructType lpszStructType, DecodedObjectReceiver receiver)
         {
@@ -89,7 +89,7 @@ public static void DecodeObject(this byte[] encoded, CryptDecodeObjectStructType
                 if (!Interop.crypt32.CryptDecodeObjectPointer(CertEncodingType.All, lpszStructType, encoded, encoded.Length, CryptDecodeObjectFlags.None, (byte*)decoded, ref cb))
                     throw Marshal.GetLastWin32Error().ToCryptographicException();
 
-                receiver(decoded);
+                receiver(decoded, cb);
             }
         }
 
@@ -107,7 +107,7 @@ public static void DecodeObject(this byte[] encoded, string lpszStructType, Deco
                 if (!Interop.crypt32.CryptDecodeObjectPointer(CertEncodingType.All, lpszStructType, encoded, encoded.Length, CryptDecodeObjectFlags.None, (byte*)decoded, ref cb))
                     throw Marshal.GetLastWin32Error().ToCryptographicException();
 
-                receiver(decoded);
+                receiver(decoded, cb);
             }
         }
 
@@ -125,7 +125,7 @@ public static bool DecodeObjectNoThrow(this byte[] encoded, CryptDecodeObjectStr
                 if (!Interop.crypt32.CryptDecodeObjectPointer(CertEncodingType.All, lpszStructType, encoded, encoded.Length, CryptDecodeObjectFlags.None, (byte*)decoded, ref cb))
                     return false;
 
-                receiver(decoded);
+                receiver(decoded, cb);
             }
             return true;
         }

src/System.Security.Cryptography.X509Certificates/src/Internal/Cryptography/Pal.Windows/X509Pal.CustomExtensions.cs

@@ -45,8 +45,9 @@ public void DecodeX509KeyUsageExtension(byte[] encoded, out X509KeyUsageFlags ke
                 uint keyUsagesAsUint = 0;
                 encoded.DecodeObject(
                     CryptDecodeObjectStructType.X509_KEY_USAGE,
-                    delegate (void* pvDecoded)
+                    delegate (void* pvDecoded, int cbDecoded)
                     {
+                        Debug.Assert(cbDecoded >= sizeof(CRYPT_BIT_BLOB));
                         CRYPT_BIT_BLOB* pBlob = (CRYPT_BIT_BLOB*)pvDecoded;
                         keyUsagesAsUint = 0;
                         if (pBlob->pbData != null)
@@ -89,8 +90,9 @@ public void DecodeX509BasicConstraintsExtension(byte[] encoded, out bool certifi
 
                 encoded.DecodeObject(
                     CryptDecodeObjectStructType.X509_BASIC_CONSTRAINTS,
-                    delegate (void* pvDecoded)
+                    delegate (void* pvDecoded, int cbDecoded)
                     {
+                        Debug.Assert(cbDecoded >= sizeof(CERT_BASIC_CONSTRAINTS_INFO));
                         CERT_BASIC_CONSTRAINTS_INFO* pBasicConstraints = (CERT_BASIC_CONSTRAINTS_INFO*)pvDecoded;
                         localCertificateAuthority = (pBasicConstraints->SubjectType.pbData[0] & CERT_BASIC_CONSTRAINTS_INFO.CERT_CA_SUBJECT_FLAG) != 0;
                         localHasPathLengthConstraint = pBasicConstraints->fPathLenConstraint != 0;
@@ -114,8 +116,9 @@ public void DecodeX509BasicConstraints2Extension(byte[] encoded, out bool certif
 
                 encoded.DecodeObject(
                     CryptDecodeObjectStructType.X509_BASIC_CONSTRAINTS2,
-                    delegate (void* pvDecoded)
+                    delegate (void* pvDecoded, int cbDecoded)
                     {
+                        Debug.Assert(cbDecoded >= sizeof(CERT_BASIC_CONSTRAINTS2_INFO));
                         CERT_BASIC_CONSTRAINTS2_INFO* pBasicConstraints2 = (CERT_BASIC_CONSTRAINTS2_INFO*)pvDecoded;
                         localCertificateAuthority = pBasicConstraints2->fCA != 0;
                         localHasPathLengthConstraint = pBasicConstraints2->fPathLenConstraint != 0;
@@ -155,8 +158,9 @@ public void DecodeX509EnhancedKeyUsageExtension(byte[] encoded, out OidCollectio
             {
                 encoded.DecodeObject(
                     CryptDecodeObjectStructType.X509_ENHANCED_KEY_USAGE,
-                    delegate (void* pvDecoded)
+                    delegate (void* pvDecoded, int cbDecoded)
                     {
+                        Debug.Assert(cbDecoded >= sizeof(CERT_ENHKEY_USAGE));
                         CERT_ENHKEY_USAGE* pEnhKeyUsage = (CERT_ENHKEY_USAGE*)pvDecoded;
                         int count = pEnhKeyUsage->cUsageIdentifier;
                         for (int i = 0; i < count; i++)
@@ -192,8 +196,9 @@ public void DecodeX509SubjectKeyIdentifierExtension(byte[] encoded, out byte[] s
                 byte[] localSubjectKeyIdentifier = null;
                 encoded.DecodeObject(
                     Oids.SubjectKeyIdentifier,
-                    delegate (void* pvDecoded)
+                    delegate (void* pvDecoded, int cbDecoded)
                     {
+                        Debug.Assert(cbDecoded >= sizeof(CRYPTOAPI_BLOB));
                         CRYPTOAPI_BLOB* pBlob = (CRYPTOAPI_BLOB*)pvDecoded;
                         localSubjectKeyIdentifier = pBlob->ToByteArray();
                     }

src/System.Security.Cryptography.X509Certificates/src/Internal/Cryptography/Pal.Windows/X509Pal.PublicKey.cs

@@ -260,8 +260,9 @@ private static byte[] DecodeDssKeyValue(byte[] encodedKeyValue)
 
                 encodedKeyValue.DecodeObject(
                     CryptDecodeObjectStructType.X509_DSS_PUBLICKEY,
-                    delegate (void* pvDecoded)
+                    delegate (void* pvDecoded, int cbDecoded)
                     {
+                        Debug.Assert(cbDecoded >= sizeof(CRYPTOAPI_BLOB));
                         CRYPTOAPI_BLOB* pBlob = (CRYPTOAPI_BLOB*)pvDecoded;
                         decodedKeyValue = pBlob->ToByteArray();
                     }
@@ -281,8 +282,9 @@ private static void DecodeDssParameters(byte[] encodedParameters, out byte[] p,
             {
                 encodedParameters.DecodeObject(
                     CryptDecodeObjectStructType.X509_DSS_PARAMETERS,
-                    delegate (void* pvDecoded)
+                    delegate (void* pvDecoded, int cbDecoded)
                     {
+                        Debug.Assert(cbDecoded >= sizeof(CERT_DSS_PARAMETERS));
                         CERT_DSS_PARAMETERS* pCertDssParameters = (CERT_DSS_PARAMETERS*)pvDecoded;
                         pLocal = pCertDssParameters->p.ToByteArray();
                         qLocal = pCertDssParameters->q.ToByteArray();