[PATCH 1/6] reg: Sanitize key paths in main

Wed Oct 29 14:39:05 CDT 2014

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Am 2014-10-29 19:56, schrieb Jonathan Vollebregt:
>> There will always be errors that are specific to reg.exe though. E.g.
>> it's not possible to pass a negative DWORD to RegSetValue.
> 
> How would I add reg.exe specific errors? Just make them ints over the
> 16k used by system error codes?
That depends. Printing error messages from the top level reg_add, reg_query, etc is fine. What I don't like is printing them from functions at many different levels.

In some cases (e.g. invalid root key) you may be able to reuse some of the existing error values.

> In any case implementing this would require a big rewrite of most of the
> patches in the series, so I'll probably make a patch for the end of this
> series.
Works for me.

> This checks for backslashes at the end of the key not the start - tests
> show more than one should produce an error.
Ooops, I should have read this more carefully :-\ .

>>> -        reg_type = get_regtype(type);
>>> +        if (!type)
>>> +            reg_type = REG_SZ;
>>> +        else
>>> +            reg_type = wchar_get_type(type);
>> Why not keep the !type check inside get_regtype?
> 
> It's possible for something calling this to want a different default, so
> I decided to let the caller handle it.
I'd say keep it in get_regtype until you find a specific case that needs it.

>> Since you know the length, you can use memcpy. You could also think
>> about a strdupW_heap() helper function if you need this in multiple
>> places, but then reusing the length is more difficult.
> 
> Does this mean I'm allowed to use malloc too?
No, what I meant is write your own strdup-like function that uses HeapAlloc.

> The idea is presumably only to prompt for overwrite if the value already
> exists. That's what the RegQueryValue is for. Presumably a y/n prompt
> should go here but I have my hands full with the rest of it.
Sure, I'm not saying that you should add a prompt now. I'm saying a /* FIXME: Check if the value exists and prompt for overwrite */ works just as well as calling RegQueryValue for (currently) no reason. 

>> If the subkey does not exist, and invalid data is passed, you're
>> creating the subkey without adding the value and returning an error.
>> This is likely not the correct behavior.
> 
> Should it prompt for new key creation as well as overwriting? I'm not
> sure what the native behavior is
What I meant is that you are doing some error checks *after* you already modified the registry. Leaving modifications behind (or creating them in the first place) if invalid operands are specified is most likely wrong.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQIcBAEBAgAGBQJUUUJZAAoJEN0/YqbEcdMwU74P/3pkski0so1+OF2P7p5nLrh4
Pmj8Z9PCLt7z1MwlzdxPwYRlZ3Av62B9a/SpetKWgOKHJ6RnPMDT6mTBz0arWaii
j00TDwA8GPoa52yUzsoDtpovpm/NPp62AEUnHSmKpoym2Yg2N/wWmvD4RV2JGfQe
zONj22F1St8iQ2TRnTh5hFrWt9RyBWqmhxMgjcJfNGGqhZJYutZt6wLwHn3JeC8W
Vj6AjpUvS7uY8Poa8Um0xY1CxfiUiYWVu75vuytjgk0u5rJumwvW8lDdxIx93UYF
+dMkPs940CL4IaBgV79rhr2mGqIalGo0cTRSyJMrAB82gelHA7acJHPmojdFLnuf
jNEUB1qLrrV+LrPmP3cgug5DBPzfNYfJ4mtf/JrSYdY/ULnPTFoeZe44h6Y3FDmV
sqYEbLFeLuULONm37upYCKDzf5GIdHP0QrEaugxNQ0544lLgF/IC5qtV35GAed75
oaw19SYSuYTz6kogJ6vBhRjx5IvWXOZ+qZdGub7Wb02JEDHlAa8fiS57PkkGCQbP
Ps+nbpVT8EPvd4UP2WUvrmzO2lu3xDHivYPFpVeMkcckhRnsXS9pWa7s2Fb5BlSL
s/YmoUvP6AMprGht6AJ2UfxU7dcPvSY2lFYZAkOM3Ll+97+RP6sJu73Tu6T/sNee
dz+NFFzWrMKBwRKHP9ZL
=Cwmi
-----END PGP SIGNATURE-----