Piotr Caban : fusion: Respect buffer size in IAssemblyNameImpl_GetProperty.
Alexandre Julliard
julliard at winehq.org
Thu Nov 9 16:59:59 CST 2017
Module: wine
Branch: master
Commit: fac2e9a28297a0186254408bf4fd2a343e822103
URL: http://source.winehq.org/git/wine.git/?a=commit;h=fac2e9a28297a0186254408bf4fd2a343e822103
Author: Piotr Caban <piotr at codeweavers.com>
Date: Thu Nov 9 16:07:48 2017 +0100
fusion: Respect buffer size in IAssemblyNameImpl_GetProperty.
Signed-off-by: Piotr Caban <piotr at codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard at winehq.org>
---
dlls/fusion/asmname.c | 41 ++++++++++++++++++++++++++++++++---------
dlls/fusion/tests/asmname.c | 16 +++++++++++++++-
2 files changed, 47 insertions(+), 10 deletions(-)
diff --git a/dlls/fusion/asmname.c b/dlls/fusion/asmname.c
index 1bfe9c1..e3f1ee4 100644
--- a/dlls/fusion/asmname.c
+++ b/dlls/fusion/asmname.c
@@ -31,6 +31,7 @@
#include "guiddef.h"
#include "fusion.h"
#include "corerror.h"
+#include "strsafe.h"
#include "wine/debug.h"
#include "wine/unicode.h"
@@ -138,11 +139,11 @@ static HRESULT WINAPI IAssemblyNameImpl_GetProperty(IAssemblyName *iface,
LPDWORD pcbProperty)
{
IAssemblyNameImpl *name = impl_from_IAssemblyName(iface);
+ DWORD size;
TRACE("(%p, %d, %p, %p)\n", iface, PropertyId, pvProperty, pcbProperty);
- *((LPWSTR)pvProperty) = '\0';
-
+ size = *pcbProperty;
switch (PropertyId)
{
case ASM_NAME_NULL_PUBLIC_KEY:
@@ -158,45 +159,65 @@ static HRESULT WINAPI IAssemblyNameImpl_GetProperty(IAssemblyName *iface,
*pcbProperty = 0;
if (name->name)
{
- lstrcpyW(pvProperty, name->name);
*pcbProperty = (lstrlenW(name->name) + 1) * 2;
+ if (size < *pcbProperty)
+ return STRSAFE_E_INSUFFICIENT_BUFFER;
+ lstrcpyW(pvProperty, name->name);
}
break;
case ASM_NAME_MAJOR_VERSION:
*pcbProperty = 0;
- *((WORD *)pvProperty) = name->version[0];
if (name->versize >= 1)
+ {
*pcbProperty = sizeof(WORD);
+ if (size < *pcbProperty)
+ return STRSAFE_E_INSUFFICIENT_BUFFER;
+ *((WORD *)pvProperty) = name->version[0];
+ }
break;
case ASM_NAME_MINOR_VERSION:
*pcbProperty = 0;
- *((WORD *)pvProperty) = name->version[1];
if (name->versize >= 2)
+ {
*pcbProperty = sizeof(WORD);
+ if (size < *pcbProperty)
+ return STRSAFE_E_INSUFFICIENT_BUFFER;
+ *((WORD *)pvProperty) = name->version[1];
+ }
break;
case ASM_NAME_BUILD_NUMBER:
*pcbProperty = 0;
- *((WORD *)pvProperty) = name->version[2];
if (name->versize >= 3)
+ {
*pcbProperty = sizeof(WORD);
+ if (size < *pcbProperty)
+ return STRSAFE_E_INSUFFICIENT_BUFFER;
+ *((WORD *)pvProperty) = name->version[2];
+ }
break;
case ASM_NAME_REVISION_NUMBER:
*pcbProperty = 0;
- *((WORD *)pvProperty) = name->version[3];
if (name->versize >= 4)
+ {
*pcbProperty = sizeof(WORD);
+ if (size < *pcbProperty)
+ return STRSAFE_E_INSUFFICIENT_BUFFER;
+ *((WORD *)pvProperty) = name->version[3];
+ }
break;
case ASM_NAME_CULTURE:
*pcbProperty = 0;
if (name->culture)
{
- lstrcpyW(pvProperty, name->culture);
*pcbProperty = (lstrlenW(name->culture) + 1) * 2;
+ if (size < *pcbProperty)
+ return STRSAFE_E_INSUFFICIENT_BUFFER;
+ lstrcpyW(pvProperty, name->culture);
}
break;
@@ -204,8 +225,10 @@ static HRESULT WINAPI IAssemblyNameImpl_GetProperty(IAssemblyName *iface,
*pcbProperty = 0;
if (name->haspubkey)
{
- memcpy(pvProperty, name->pubkey, sizeof(DWORD) * 2);
*pcbProperty = sizeof(DWORD) * 2;
+ if (size < *pcbProperty)
+ return STRSAFE_E_INSUFFICIENT_BUFFER;
+ memcpy(pvProperty, name->pubkey, sizeof(DWORD) * 2);
}
break;
diff --git a/dlls/fusion/tests/asmname.c b/dlls/fusion/tests/asmname.c
index b93f289..556a143 100644
--- a/dlls/fusion/tests/asmname.c
+++ b/dlls/fusion/tests/asmname.c
@@ -24,6 +24,7 @@
#include <mscoree.h>
#include <fusion.h>
#include <corerror.h>
+#include <strsafe.h>
#include "wine/test.h"
@@ -362,7 +363,11 @@ static void test_assembly_name_props_line(IAssemblyName *name,
if (hr != E_INVALIDARG)
{
ok(size == vals[i].size, "%d: prop %d: Expected %d, got %d\n", line, i, vals[i].size, size);
- if (size && size != MAX_PATH)
+ if (!size)
+ {
+ ok(str[0] == 0xcccc, "%d: prop %d: str[0] = %x\n", line, i, str[0]);
+ }
+ else if (size != MAX_PATH)
{
if (i != ASM_NAME_NAME && i != ASM_NAME_CULTURE)
ok( !memcmp( vals[i].val, str, size ), "%d: prop %d: wrong value\n", line, i );
@@ -370,6 +375,15 @@ static void test_assembly_name_props_line(IAssemblyName *name,
ok( !lstrcmpW( expect, str ), "%d: prop %d: Expected %s, got %s\n",
line, i, wine_dbgstr_w(expect), wine_dbgstr_w(str) );
}
+
+ if (size != 0 && size != MAX_PATH)
+ {
+ size--;
+ hr = IAssemblyName_GetProperty(name, i, str, &size);
+ ok(hr == STRSAFE_E_INSUFFICIENT_BUFFER,
+ "%d: prop %d: Expected STRSAFE_E_INSUFFICIENT_BUFFER, got %08x\n", line, i, hr);
+ ok(size == vals[i].size, "%d: prop %d: Expected %d, got %d\n", line, i, vals[i].size, size);
+ }
}
}
}
More information about the wine-cvs
mailing list