Andrew Nguyen : setupapi: Validate the cabinet filename parameter in SetupIterateCabinetA.

Alexandre Julliard julliard at winehq.org
Wed Jun 16 13:23:22 CDT 2010


Module: wine
Branch: master
Commit: bc21be89ab01f56fb9cd337759f45173ab73b28c
URL:    http://source.winehq.org/git/wine.git/?a=commit;h=bc21be89ab01f56fb9cd337759f45173ab73b28c

Author: Andrew Nguyen <anguyen at codeweavers.com>
Date:   Wed Jun 16 07:34:51 2010 -0500

setupapi: Validate the cabinet filename parameter in SetupIterateCabinetA.

---

 dlls/setupapi/setupcab.c        |    9 ++-
 dlls/setupapi/tests/Makefile.in |    1 +
 dlls/setupapi/tests/setupcab.c  |  121 +++++++++++++++++++++++++++++++++++++++
 3 files changed, 129 insertions(+), 2 deletions(-)

diff --git a/dlls/setupapi/setupcab.c b/dlls/setupapi/setupcab.c
index 0dd2d86..185fe17 100644
--- a/dlls/setupapi/setupcab.c
+++ b/dlls/setupapi/setupcab.c
@@ -555,17 +555,22 @@ BOOL WINAPI SetupIterateCabinetA(PCSTR CabinetFile, DWORD Reserved,
 
   SC_HSC_A my_hsc;
   ERF erf;
-  CHAR pszCabinet[MAX_PATH], pszCabPath[MAX_PATH], *p;
+  CHAR pszCabinet[MAX_PATH], pszCabPath[MAX_PATH], *p = NULL;
   DWORD fpnsize;
   BOOL ret;
 
-
   TRACE("(CabinetFile == %s, Reserved == %u, MsgHandler == ^%p, Context == ^%p)\n",
         debugstr_a(CabinetFile), Reserved, MsgHandler, Context);
 
   if (!LoadCABINETDll())
     return FALSE;
 
+  if (!CabinetFile)
+  {
+    SetLastError(ERROR_INVALID_PARAMETER);
+    return FALSE;
+  }
+
   fpnsize = strlen(CabinetFile);
   if (fpnsize >= MAX_PATH) {
     SetLastError(ERROR_BAD_PATHNAME);
diff --git a/dlls/setupapi/tests/Makefile.in b/dlls/setupapi/tests/Makefile.in
index ed3a4c0..332d8a0 100644
--- a/dlls/setupapi/tests/Makefile.in
+++ b/dlls/setupapi/tests/Makefile.in
@@ -11,6 +11,7 @@ C_SRCS = \
 	misc.c \
 	parser.c \
 	query.c \
+	setupcab.c \
 	stringtable.c
 
 @MAKE_TEST_RULES@
diff --git a/dlls/setupapi/tests/setupcab.c b/dlls/setupapi/tests/setupcab.c
new file mode 100644
index 0000000..6e211ce
--- /dev/null
+++ b/dlls/setupapi/tests/setupcab.c
@@ -0,0 +1,121 @@
+/*
+ * Unit tests for SetupIterateCabinet
+ *
+ * Copyright 2007 Hans Leidekker
+ * Copyright 2010 Andrew Nguyen
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+#include <stdarg.h>
+
+#include "windef.h"
+#include "winbase.h"
+#include "wingdi.h"
+#include "winuser.h"
+#include "winreg.h"
+#include "setupapi.h"
+#include "wine/test.h"
+
+static void create_source_fileA(LPSTR filename, const BYTE *data, DWORD size)
+{
+    HANDLE handle;
+    DWORD written;
+
+    handle = CreateFileA(filename, GENERIC_WRITE, 0, NULL, CREATE_ALWAYS,
+                         FILE_ATTRIBUTE_NORMAL, NULL);
+    WriteFile(handle, data, size, &written, NULL);
+    CloseHandle(handle);
+}
+
+static UINT CALLBACK dummy_callbackA(PVOID Context, UINT Notification,
+                                     UINT_PTR Param1, UINT_PTR Param2)
+{
+    ok(0, "Received unexpected notification (%p, %u, %lu, %lu)\n", Context,
+       Notification, Param1, Param2);
+    return 0;
+}
+
+static void test_invalid_parametersA(void)
+{
+    BOOL ret;
+    char source[MAX_PATH], temp[MAX_PATH];
+    int i;
+
+    const struct
+    {
+        PCSTR CabinetFile;
+        PSP_FILE_CALLBACK MsgHandler;
+        DWORD expected_lasterror;
+        int todo_lasterror;
+    } invalid_parameters[] =
+    {
+        {NULL,                  NULL,            ERROR_INVALID_PARAMETER},
+        {NULL,                  dummy_callbackA, ERROR_INVALID_PARAMETER},
+        {"c:\\nonexistent.cab", NULL,            ERROR_FILE_NOT_FOUND},
+        {"c:\\nonexistent.cab", dummy_callbackA, ERROR_FILE_NOT_FOUND},
+        {source,                NULL,            ERROR_INVALID_DATA, 1},
+        {source,                dummy_callbackA, ERROR_INVALID_DATA, 1},
+    };
+
+    GetTempPathA(sizeof(temp), temp);
+    GetTempFileNameA(temp, "doc", 0, source);
+
+    create_source_fileA(source, NULL, 0);
+
+    for (i = 0; i < sizeof(invalid_parameters)/sizeof(invalid_parameters[0]); i++)
+    {
+        SetLastError(0xdeadbeef);
+        ret = SetupIterateCabinetA(invalid_parameters[i].CabinetFile, 0,
+                                   invalid_parameters[i].MsgHandler, NULL);
+        ok(!ret, "[%d] Expected SetupIterateCabinetA to return 0, got %d\n", i, ret);
+        if (invalid_parameters[i].todo_lasterror)
+        {
+            todo_wine
+            ok(GetLastError() == invalid_parameters[i].expected_lasterror,
+               "[%d] Expected GetLastError() to return %u, got %u\n",
+               i, invalid_parameters[i].expected_lasterror, GetLastError());
+        }
+        else
+        {
+            ok(GetLastError() == invalid_parameters[i].expected_lasterror,
+               "[%d] Expected GetLastError() to return %u, got %u\n",
+               i, invalid_parameters[i].expected_lasterror, GetLastError());
+        }
+    }
+
+    SetLastError(0xdeadbeef);
+    ret = SetupIterateCabinetA("", 0, NULL, NULL);
+    ok(!ret, "Expected SetupIterateCabinetA to return 0, got %d\n", ret);
+    ok(GetLastError() == ERROR_NOT_ENOUGH_MEMORY ||
+       GetLastError() == ERROR_FILE_NOT_FOUND, /* Win9x/NT4/Win2k */
+       "Expected GetLastError() to return ERROR_NOT_ENOUGH_MEMORY, got %u\n",
+       GetLastError());
+
+    SetLastError(0xdeadbeef);
+    ret = SetupIterateCabinetA("", 0, dummy_callbackA, NULL);
+    ok(!ret, "Expected SetupIterateCabinetA to return 0, got %d\n", ret);
+    ok(GetLastError() == ERROR_NOT_ENOUGH_MEMORY ||
+       GetLastError() == ERROR_FILE_NOT_FOUND, /* Win9x/NT4/Win2k */
+       "Expected GetLastError() to return ERROR_NOT_ENOUGH_MEMORY, got %u\n",
+       GetLastError());
+
+    DeleteFileA(source);
+}
+
+START_TEST(setupcab)
+{
+    test_invalid_parametersA();
+}




More information about the wine-cvs mailing list