Hi,
While investigating another issue in the Project Monitor, I saw the following code in MonitorEditProject:
[[[
pEditProject->username = CStringUtils::Encrypt(dlg.m_sUsername);
pEditProject->password = CStringUtils::Encrypt(dlg.m_sPassword);
pEditProject->username.Remove('\r');
pEditProject->password.Remove('\r');
pEditProject->username.Replace('\n', ' ');
pEditProject->password.Replace('\n', ' ');
]]]
Is there a guarantee that CryptBinaryToStringW (called by Encrypt) cannot return \r or \n in the encrypted (and formatted) data?
The code was added in r25576. In r25909, the flag CRYPT_STRING_NOCRLF was added in the call to CryptBinaryToStringW.
Kind regards,
Daniel