Juan Lang : shell32: Use a helper function for executing a found executable .
Alexandre Julliard
julliard at winehq.org
Mon Nov 19 08:19:36 CST 2007
Module: wine
Branch: master
Commit: e3dbbd14354b9b145089a0595493208fdf9ce575
URL: http://source.winehq.org/git/wine.git/?a=commit;h=e3dbbd14354b9b145089a0595493208fdf9ce575
Author: Juan Lang <juan.lang at gmail.com>
Date: Fri Nov 16 12:39:15 2007 -0800
shell32: Use a helper function for executing a found executable.
---
dlls/shell32/shlexec.c | 44 +++++++++++++++++++++++++++-----------------
1 files changed, 27 insertions(+), 17 deletions(-)
diff --git a/dlls/shell32/shlexec.c b/dlls/shell32/shlexec.c
index b68c9a2..5b1a625 100644
--- a/dlls/shell32/shlexec.c
+++ b/dlls/shell32/shlexec.c
@@ -1366,12 +1366,35 @@ static BOOL SHELL_translate_idlist( LPSHELLEXECUTEINFOW sei, LPWSTR wszParameter
return appKnownSingular;
}
+static UINT_PTR SHELL_quote_and_execute( LPCWSTR wcmd, LPCWSTR wszParameters, LPWSTR lpstrProtocol, LPCWSTR wszApplicationName, LPWSTR env, LPSHELLEXECUTEINFOW psei, LPSHELLEXECUTEINFOW psei_out, SHELL_ExecuteW32 execfunc )
+{
+ static const WCHAR wQuote[] = {'"',0};
+ static const WCHAR wSpace[] = {' ',0};
+ UINT_PTR retval;
+ WCHAR wszQuotedCmd[MAX_PATH+2];
+ /* Must quote to handle case where cmd contains spaces,
+ * else security hole if malicious user creates executable file "C:\\Program"
+ */
+ strcpyW(wszQuotedCmd, wQuote);
+ strcatW(wszQuotedCmd, wcmd);
+ strcatW(wszQuotedCmd, wQuote);
+ if (wszParameters[0]) {
+ strcatW(wszQuotedCmd, wSpace);
+ strcatW(wszQuotedCmd, wszParameters);
+ }
+ TRACE("%s/%s => %s/%s\n", debugstr_w(wszApplicationName), debugstr_w(psei->lpVerb), debugstr_w(wszQuotedCmd), debugstr_w(lpstrProtocol));
+ if (*lpstrProtocol)
+ retval = execute_from_key(lpstrProtocol, wszApplicationName, env, psei->lpParameters, wcmd, execfunc, psei, psei_out);
+ else
+ retval = execfunc(wszQuotedCmd, env, FALSE, psei, psei_out);
+ return retval;
+}
+
/*************************************************************************
* SHELL_execute [Internal]
*/
BOOL SHELL_execute( LPSHELLEXECUTEINFOW sei, SHELL_ExecuteW32 execfunc )
{
- static const WCHAR wQuote[] = {'"',0};
static const WCHAR wSpace[] = {' ',0};
static const WCHAR wWww[] = {'w','w','w',0};
static const WCHAR wFile[] = {'f','i','l','e',0};
@@ -1666,22 +1689,9 @@ BOOL SHELL_execute( LPSHELLEXECUTEINFOW sei, SHELL_ExecuteW32 execfunc )
retval = SHELL_FindExecutable(sei_tmp.lpDirectory, lpFile, sei_tmp.lpVerb, wcmd, 1024, lpstrProtocol, &env, sei_tmp.lpIDList, sei_tmp.lpParameters);
if (retval > 32) /* Found */
{
- WCHAR wszQuotedCmd[MAX_PATH+2];
- /* Must quote to handle case where cmd contains spaces,
- * else security hole if malicious user creates executable file "C:\\Program"
- */
- strcpyW(wszQuotedCmd, wQuote);
- strcatW(wszQuotedCmd, wcmd);
- strcatW(wszQuotedCmd, wQuote);
- if (wszParameters[0]) {
- strcatW(wszQuotedCmd, wSpace);
- strcatW(wszQuotedCmd, wszParameters);
- }
- TRACE("%s/%s => %s/%s\n", debugstr_w(wszApplicationName), debugstr_w(sei_tmp.lpVerb), debugstr_w(wszQuotedCmd), debugstr_w(lpstrProtocol));
- if (*lpstrProtocol)
- retval = execute_from_key(lpstrProtocol, wszApplicationName, env, sei_tmp.lpParameters, wcmd, execfunc, &sei_tmp, sei);
- else
- retval = execfunc(wszQuotedCmd, env, FALSE, &sei_tmp, sei);
+ retval = SHELL_quote_and_execute( wcmd, wszParameters, lpstrProtocol,
+ wszApplicationName, env, &sei_tmp,
+ sei, execfunc );
HeapFree( GetProcessHeap(), 0, env );
}
else if (PathIsURLW(lpFile)) /* File not found, check for URL */
More information about the wine-cvs
mailing list