Andrew Nguyen : setupapi: Validate the cabinet filename parameter in SetupIterateCabinetA.
Alexandre Julliard
julliard at winehq.org
Wed Jun 16 13:23:22 CDT 2010
Module: wine
Branch: master
Commit: bc21be89ab01f56fb9cd337759f45173ab73b28c
URL: http://source.winehq.org/git/wine.git/?a=commit;h=bc21be89ab01f56fb9cd337759f45173ab73b28c
Author: Andrew Nguyen <anguyen at codeweavers.com>
Date: Wed Jun 16 07:34:51 2010 -0500
setupapi: Validate the cabinet filename parameter in SetupIterateCabinetA.
---
dlls/setupapi/setupcab.c | 9 ++-
dlls/setupapi/tests/Makefile.in | 1 +
dlls/setupapi/tests/setupcab.c | 121 +++++++++++++++++++++++++++++++++++++++
3 files changed, 129 insertions(+), 2 deletions(-)
diff --git a/dlls/setupapi/setupcab.c b/dlls/setupapi/setupcab.c
index 0dd2d86..185fe17 100644
--- a/dlls/setupapi/setupcab.c
+++ b/dlls/setupapi/setupcab.c
@@ -555,17 +555,22 @@ BOOL WINAPI SetupIterateCabinetA(PCSTR CabinetFile, DWORD Reserved,
SC_HSC_A my_hsc;
ERF erf;
- CHAR pszCabinet[MAX_PATH], pszCabPath[MAX_PATH], *p;
+ CHAR pszCabinet[MAX_PATH], pszCabPath[MAX_PATH], *p = NULL;
DWORD fpnsize;
BOOL ret;
-
TRACE("(CabinetFile == %s, Reserved == %u, MsgHandler == ^%p, Context == ^%p)\n",
debugstr_a(CabinetFile), Reserved, MsgHandler, Context);
if (!LoadCABINETDll())
return FALSE;
+ if (!CabinetFile)
+ {
+ SetLastError(ERROR_INVALID_PARAMETER);
+ return FALSE;
+ }
+
fpnsize = strlen(CabinetFile);
if (fpnsize >= MAX_PATH) {
SetLastError(ERROR_BAD_PATHNAME);
diff --git a/dlls/setupapi/tests/Makefile.in b/dlls/setupapi/tests/Makefile.in
index ed3a4c0..332d8a0 100644
--- a/dlls/setupapi/tests/Makefile.in
+++ b/dlls/setupapi/tests/Makefile.in
@@ -11,6 +11,7 @@ C_SRCS = \
misc.c \
parser.c \
query.c \
+ setupcab.c \
stringtable.c
@MAKE_TEST_RULES@
diff --git a/dlls/setupapi/tests/setupcab.c b/dlls/setupapi/tests/setupcab.c
new file mode 100644
index 0000000..6e211ce
--- /dev/null
+++ b/dlls/setupapi/tests/setupcab.c
@@ -0,0 +1,121 @@
+/*
+ * Unit tests for SetupIterateCabinet
+ *
+ * Copyright 2007 Hans Leidekker
+ * Copyright 2010 Andrew Nguyen
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+#include <stdarg.h>
+
+#include "windef.h"
+#include "winbase.h"
+#include "wingdi.h"
+#include "winuser.h"
+#include "winreg.h"
+#include "setupapi.h"
+#include "wine/test.h"
+
+static void create_source_fileA(LPSTR filename, const BYTE *data, DWORD size)
+{
+ HANDLE handle;
+ DWORD written;
+
+ handle = CreateFileA(filename, GENERIC_WRITE, 0, NULL, CREATE_ALWAYS,
+ FILE_ATTRIBUTE_NORMAL, NULL);
+ WriteFile(handle, data, size, &written, NULL);
+ CloseHandle(handle);
+}
+
+static UINT CALLBACK dummy_callbackA(PVOID Context, UINT Notification,
+ UINT_PTR Param1, UINT_PTR Param2)
+{
+ ok(0, "Received unexpected notification (%p, %u, %lu, %lu)\n", Context,
+ Notification, Param1, Param2);
+ return 0;
+}
+
+static void test_invalid_parametersA(void)
+{
+ BOOL ret;
+ char source[MAX_PATH], temp[MAX_PATH];
+ int i;
+
+ const struct
+ {
+ PCSTR CabinetFile;
+ PSP_FILE_CALLBACK MsgHandler;
+ DWORD expected_lasterror;
+ int todo_lasterror;
+ } invalid_parameters[] =
+ {
+ {NULL, NULL, ERROR_INVALID_PARAMETER},
+ {NULL, dummy_callbackA, ERROR_INVALID_PARAMETER},
+ {"c:\\nonexistent.cab", NULL, ERROR_FILE_NOT_FOUND},
+ {"c:\\nonexistent.cab", dummy_callbackA, ERROR_FILE_NOT_FOUND},
+ {source, NULL, ERROR_INVALID_DATA, 1},
+ {source, dummy_callbackA, ERROR_INVALID_DATA, 1},
+ };
+
+ GetTempPathA(sizeof(temp), temp);
+ GetTempFileNameA(temp, "doc", 0, source);
+
+ create_source_fileA(source, NULL, 0);
+
+ for (i = 0; i < sizeof(invalid_parameters)/sizeof(invalid_parameters[0]); i++)
+ {
+ SetLastError(0xdeadbeef);
+ ret = SetupIterateCabinetA(invalid_parameters[i].CabinetFile, 0,
+ invalid_parameters[i].MsgHandler, NULL);
+ ok(!ret, "[%d] Expected SetupIterateCabinetA to return 0, got %d\n", i, ret);
+ if (invalid_parameters[i].todo_lasterror)
+ {
+ todo_wine
+ ok(GetLastError() == invalid_parameters[i].expected_lasterror,
+ "[%d] Expected GetLastError() to return %u, got %u\n",
+ i, invalid_parameters[i].expected_lasterror, GetLastError());
+ }
+ else
+ {
+ ok(GetLastError() == invalid_parameters[i].expected_lasterror,
+ "[%d] Expected GetLastError() to return %u, got %u\n",
+ i, invalid_parameters[i].expected_lasterror, GetLastError());
+ }
+ }
+
+ SetLastError(0xdeadbeef);
+ ret = SetupIterateCabinetA("", 0, NULL, NULL);
+ ok(!ret, "Expected SetupIterateCabinetA to return 0, got %d\n", ret);
+ ok(GetLastError() == ERROR_NOT_ENOUGH_MEMORY ||
+ GetLastError() == ERROR_FILE_NOT_FOUND, /* Win9x/NT4/Win2k */
+ "Expected GetLastError() to return ERROR_NOT_ENOUGH_MEMORY, got %u\n",
+ GetLastError());
+
+ SetLastError(0xdeadbeef);
+ ret = SetupIterateCabinetA("", 0, dummy_callbackA, NULL);
+ ok(!ret, "Expected SetupIterateCabinetA to return 0, got %d\n", ret);
+ ok(GetLastError() == ERROR_NOT_ENOUGH_MEMORY ||
+ GetLastError() == ERROR_FILE_NOT_FOUND, /* Win9x/NT4/Win2k */
+ "Expected GetLastError() to return ERROR_NOT_ENOUGH_MEMORY, got %u\n",
+ GetLastError());
+
+ DeleteFileA(source);
+}
+
+START_TEST(setupcab)
+{
+ test_invalid_parametersA();
+}
More information about the wine-cvs
mailing list