[PATCH 3/4] WCMD_run_program return value check

Eric Ho ericho921 at gmail.com
Sun Mar 7 14:49:24 CST 2010 

This patch adds early returns on bad return values of getfullpathW
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.winehq.org/pipermail/wine-patches/attachments/20100307/97aaf06f/attachment.htm>
-------------- next part --------------
diff --git a/programs/cmd/wcmdmain.c b/programs/cmd/wcmdmain.c
index 7411af0..2d82175 100755
--- a/programs/cmd/wcmdmain.c
+++ b/programs/cmd/wcmdmain.c
@@ -1004,7 +1004,12 @@ void WCMD_run_program (WCHAR *command, int called) {
   } else {
 
     /* Convert eg. ..\fred to include a directory by removing file part */
-    GetFullPathNameW(param1, sizeof(pathtosearch)/sizeof(WCHAR), pathtosearch, NULL);
+    DWORD ret = GetFullPathNameW(param1, sizeof(pathtosearch)/sizeof(WCHAR), pathtosearch, NULL);
+    
+    if (ret == 0) goto run_program_file_not_found;
+
+    if (ret == sizeof(pathtosearch)/sizeof(WCHAR)) goto run_program_line_too_long;
+
     lastSlash = strrchrW(pathtosearch, '\\');
     if (lastSlash && strchrW(lastSlash, '.') != NULL) extensionsupplied = TRUE;
     if (strlenW(lastSlash+1)>=MAX_PATH) goto run_program_line_too_long;
@@ -1035,6 +1040,7 @@ void WCMD_run_program (WCHAR *command, int called) {
     WCHAR *pos               = NULL;
     BOOL  found             = FALSE;
     const WCHAR slashW[] = {'\\','\0'};
+    DWORD ret;
 
     /* Work on the first directory on the search path */
     pos = strchrW(pathposn, ';');
@@ -1053,7 +1059,11 @@ void WCMD_run_program (WCHAR *command, int called) {
     /* Since you can have eg. ..\.. on the path, need to expand
        to full information                                      */
     strcpyW(temp, thisDir);
-    GetFullPathNameW(temp, MAX_PATH, thisDir, NULL);
+    ret = GetFullPathNameW(temp, MAX_PATH, thisDir, NULL);
+
+    if (ret==0) goto run_program_file_not_found;
+    if (ret == MAX_PATH||strlenW(slashW)+strlenW(thisDir)+strlenW(stemofsearch)>=MAX_PATH)
+      goto run_program_line_too_long;
 
     strcatW(thisDir, slashW);
     strcatW(thisDir, stemofsearch);
@@ -1183,6 +1193,7 @@ void WCMD_run_program (WCHAR *command, int called) {
     }
   }
 
+ run_program_file_not_found:
   /* Not found anywhere - give up */
   SetLastError(ERROR_FILE_NOT_FOUND);
   WCMD_print_error ();

More information about the wine-patches mailing list