[v5 06/12] reg.exe: Sanitize key paths in main
Jonathan Vollebregt
jnvsor at gmail.com
Fri Oct 17 13:38:57 CDT 2014
Checks against remote host and strips backslashes from the start
and end of the key name to make parsing easier later on
---
programs/reg/reg.c | 46 +++++++++++++++++++++++++++++++---------------
programs/reg/reg.rc | 2 +-
2 files changed, 32 insertions(+), 16 deletions(-)
mode change 100644 => 100755 programs/reg/reg.c
diff --git a/programs/reg/reg.c b/programs/reg/reg.c
old mode 100644
new mode 100755
index d299cbf..db52433
--- a/programs/reg/reg.c
+++ b/programs/reg/reg.c
@@ -67,6 +67,25 @@ static int reg_message(int msg)
return reg_printfW(formatW, msg_buffer);
}
+static WCHAR *sanitize_path(WCHAR *key){
+ int i;
+
+ if (key[0] == '\\')
+ key++;
+
+ if (key[0] == '\\')
+ {
+ reg_message(STRING_NO_REMOTE);
+ return NULL;
+ }
+
+ i = strlenW(key) - 1;
+ while (i >= 0 && key[i] == '\\')
+ key[i--] = 0;
+
+ return key;
+}
+
static HKEY get_rootkey(LPWSTR key)
{
static const WCHAR szHKLM[] = {'H','K','L','M',0};
@@ -173,12 +192,6 @@ static int reg_add(WCHAR *key_name, WCHAR *value_name, BOOL value_empty,
reg_printfW(stubW, key_name, value_name, value_empty, type, data, force);
- if (key_name[0]=='\\' && key_name[1]=='\\')
- {
- reg_message(STRING_NO_REMOTE);
- return 1;
- }
-
p = strchrW(key_name,'\\');
if (!p)
{
@@ -246,12 +259,6 @@ static int reg_delete(WCHAR *key_name, WCHAR *value_name, BOOL value_empty,
,0};
reg_printfW(stubW, key_name, value_name, value_empty, value_all, force);
- if (key_name[0]=='\\' && key_name[1]=='\\')
- {
- reg_message(STRING_NO_REMOTE);
- return 1;
- }
-
p = strchrW(key_name,'\\');
if (!p)
{
@@ -407,7 +414,10 @@ int wmain(int argc, WCHAR *argvW[])
return 0;
}
- key_name = argvW[2];
+ key_name = sanitize_path(argvW[2]);
+ if (!key_name)
+ return 1;
+
for (i = 1; i < argc; i++)
{
if (!lstrcmpiW(argvW[i], slashVW))
@@ -443,7 +453,10 @@ int wmain(int argc, WCHAR *argvW[])
return 0;
}
- key_name = argvW[2];
+ key_name = sanitize_path(argvW[2]);
+ if (!key_name)
+ return 1;
+
for (i = 1; i < argc; i++)
{
if (!lstrcmpiW(argvW[i], slashVW))
@@ -474,7 +487,10 @@ int wmain(int argc, WCHAR *argvW[])
return 0;
}
- key_name = argvW[2];
+ key_name = sanitize_path(argvW[2]);
+ if (!key_name)
+ return 1;
+
for (i = 1; i < argc; i++)
{
if (!lstrcmpiW(argvW[i], slashVW))
diff --git a/programs/reg/reg.rc b/programs/reg/reg.rc
index 479912b..6f4c0c8 100644
--- a/programs/reg/reg.rc
+++ b/programs/reg/reg.rc
@@ -33,6 +33,6 @@ STRINGTABLE
STRING_SUCCESS, "The operation completed successfully\n"
STRING_INVALID_KEY, "Error: Invalid key name\n"
STRING_INVALID_CMDLINE, "Error: Invalid command line parameters\n"
- STRING_NO_REMOTE, "Error: Unable to add keys to remote machine\n"
+ STRING_NO_REMOTE, "Error: Unable to access remote machine\n"
STRING_CANNOT_FIND, "Error: The system was unable to find the specified registry key or value\n"
}
--
2.1.1
More information about the wine-patches
mailing list