{"id":92934,"date":"2016-01-27T07:00:00","date_gmt":"2016-01-27T22:00:00","guid":{"rendered":"https:\/\/blogs.msdn.microsoft.com\/oldnewthing\/?p=92934"},"modified":"2019-03-13T10:29:21","modified_gmt":"2019-03-13T17:29:21","slug":"20160127-00","status":"publish","type":"post","link":"https:\/\/devblogs.microsoft.com\/oldnewthing\/20160127-00\/?p=92934","title":{"rendered":"Why does CryptDestroyHash crash, but only sometimes?"},"content":{"rendered":"

A customer was having a problem with the cryptographic hashing functions. They reported that their function ran successfully most of the time, but once in a while, it crashed at the call to Crypt­Destroy­Hash<\/code>: <\/p>\n

\nbool SomethingSomething(BYTE *buffer, int bufferSize)\n{\n    bool succeeded = true;\n    HCRYPTPROV provider = 0;\n    HCRYPTHASH hash = 0;\n\n    if (!CryptAcquireContext(&provider, NULL, NULL,\n                           PROV_RSA_FULL, CRYPT_VERIFYCONTEXT) ||\n        !CryptCreateHash(provider, CALG_MD5, 0, 0, &hash))\n    {\n        succeeded = false;\n        goto Exit;\n    }\n\n    BYTE hashResult[16]; \/\/ MD5 hash is 16 bytes\n    DWORD hashResultSize = sizeof(hashResult);\n\n    if (!CryptHashData(hash, buffer, bufferSize, 0) ||\n        !CryptGetHashParam(hash, HP_HASHVAL, hashResult,\n                                          &hashResultSize, 0)) {\n        succeeded = false;\n        goto Exit;\n    }\n\n    DoSomethingWith(hashResult); \/\/ some business logic\n\n    if (provider) {\n        CryptReleaseContext(provider, 0);\n    }\n\n    if (hash) {\n        CryptDestroyHash(hash);\n    }\n\nExit:\n\n    return succeeded;\n}\n<\/pre>\n
The reason for the crash is straightforward. As noted in the documentation, you must call Crypt­Destroy­Hash<\/code> before Crypt­Release­Context<\/code><\/a>. (The technical reason for this is that each hash has a reference back to the context, so if you destroy the context, you leave the hash with a dangling pointer.) <\/p>\n
This was a relatively straightforward consult. A simple programming error. The customer thanked us for identifying the problem, but then followed up with “But why is it happening only rarely? Shouldn’t it crash all the time?” <\/p>\n
Remember that when you break the rules, the behavior is undefined, and one valid manifestion of undefined behavior is “Everything seems to work okay.” <\/p>\n
You may have noticed some other problems with the code provided. <\/p>\n