[PATCH 2/2] programs/cmd: skip too long paths
Eric Pouech
wine at gitlab.winehq.org
Fri Apr 29 08:20:22 CDT 2022
From: Eric Pouech <eric.pouech at gmail.com>
Signed-off-by: Eric Pouech <eric.pouech at gmail.com>
---
programs/cmd/builtins.c | 18 +++++++++++++++++-
1 file changed, 17 insertions(+), 1 deletion(-)
diff --git a/programs/cmd/builtins.c b/programs/cmd/builtins.c
index dd3ebf76d50..5ae5a129d90 100644
--- a/programs/cmd/builtins.c
+++ b/programs/cmd/builtins.c
@@ -1355,6 +1355,11 @@ static BOOL WCMD_delete_one (const WCHAR *thisArg) {
DIRECTORY_STACK *nextDir;
WCHAR subParm[MAX_PATH];
+ if (wcslen(thisDir) + wcslen(fd.cFileName) + 1 + wcslen(fname) + wcslen(ext) >= MAX_PATH)
+ {
+ WINE_TRACE("Skipping path too long %ls%ls\\%ls%ls\n", thisDir, fd.cFileName, fname, ext);
+ continue;
+ }
/* Work out search parameter in sub dir */
lstrcpyW (subParm, thisDir);
lstrcatW (subParm, fd.cFileName);
@@ -1761,7 +1766,13 @@ static void WCMD_add_dirstowalk(DIRECTORY_STACK *dirsToWalk) {
(lstrcmpW(fd.cFileName, L"..") != 0) && (lstrcmpW(fd.cFileName, L".") != 0))
{
/* Allocate memory, add to list */
- DIRECTORY_STACK *toWalk = heap_xalloc(sizeof(DIRECTORY_STACK));
+ DIRECTORY_STACK *toWalk;
+ if (wcslen(dirsToWalk->dirName) + 1 + wcslen(fd.cFileName) >= MAX_PATH)
+ {
+ WINE_TRACE("Skipping too long path %ls\\%ls\n", dirsToWalk->dirName, fd.cFileName);
+ continue;
+ }
+ toWalk = heap_xalloc(sizeof(DIRECTORY_STACK));
WINE_TRACE("(%p->%p)\n", remainingDirs, remainingDirs->next);
toWalk->next = remainingDirs->next;
remainingDirs->next = toWalk;
@@ -2321,6 +2332,11 @@ void WCMD_for (WCHAR *p, CMD_LIST **cmdList) {
WINE_TRACE("Processing FOR filename %s\n", wine_dbgstr_w(fd.cFileName));
if (doRecurse) {
+ if (wcslen(dirsToWalk->dirName) + 1 + wcslen(fd.cFileName) >= MAX_PATH)
+ {
+ WINE_TRACE("Skipping too long path %ls\\%ls\n", dirsToWalk->dirName, fd.cFileName);
+ continue;
+ }
lstrcpyW(fullitem, dirsToWalk->dirName);
lstrcatW(fullitem, L"\\");
lstrcatW(fullitem, fd.cFileName);
--
GitLab
https://gitlab.winehq.org/wine/wine/-/merge_requests/17
More information about the wine-devel
mailing list