[PATCH 1/6] reg: Sanitize key paths in main
Jonathan Vollebregt
jnvsor at gmail.com
Mon Oct 27 07:10:04 CDT 2014
Checks against backslashes at the start and end of a key. Strips
single backslash from end for ease of parsing later on.
---
programs/reg/reg.c | 53 ++++++++++++++++++++++++++++++++++--------------
programs/reg/reg.rc | 2 +-
programs/reg/tests/reg.c | 2 +-
3 files changed, 40 insertions(+), 17 deletions(-)
mode change 100644 => 100755 programs/reg/reg.c
diff --git a/programs/reg/reg.c b/programs/reg/reg.c
old mode 100644
new mode 100755
index d299cbf..6ff1707
--- a/programs/reg/reg.c
+++ b/programs/reg/reg.c
@@ -67,6 +67,32 @@ static int reg_message(int msg)
return reg_printfW(formatW, msg_buffer);
}
+static WCHAR *sanitize_path(WCHAR *key){
+ int i;
+
+ if (key[0] == '\\')
+ {
+ if (key[1] == '\\')
+ reg_message(STRING_NO_REMOTE);
+ else
+ reg_message(STRING_INVALID_KEY);
+
+ return NULL;
+ }
+
+ i = strlenW(key);
+ if (key[i - 1] == '\\')
+ key[i - 1] = 0;
+
+ if (key[i - 2] == '\\')
+ {
+ reg_message(STRING_INVALID_KEY);
+ return NULL;
+ }
+
+ return key;
+}
+
static HKEY get_rootkey(LPWSTR key)
{
static const WCHAR szHKLM[] = {'H','K','L','M',0};
@@ -173,12 +199,6 @@ static int reg_add(WCHAR *key_name, WCHAR *value_name, BOOL value_empty,
reg_printfW(stubW, key_name, value_name, value_empty, type, data, force);
- if (key_name[0]=='\\' && key_name[1]=='\\')
- {
- reg_message(STRING_NO_REMOTE);
- return 1;
- }
-
p = strchrW(key_name,'\\');
if (!p)
{
@@ -246,12 +266,6 @@ static int reg_delete(WCHAR *key_name, WCHAR *value_name, BOOL value_empty,
,0};
reg_printfW(stubW, key_name, value_name, value_empty, value_all, force);
- if (key_name[0]=='\\' && key_name[1]=='\\')
- {
- reg_message(STRING_NO_REMOTE);
- return 1;
- }
-
p = strchrW(key_name,'\\');
if (!p)
{
@@ -407,7 +421,10 @@ int wmain(int argc, WCHAR *argvW[])
return 0;
}
- key_name = argvW[2];
+ key_name = sanitize_path(argvW[2]);
+ if (!key_name)
+ return 1;
+
for (i = 1; i < argc; i++)
{
if (!lstrcmpiW(argvW[i], slashVW))
@@ -443,7 +460,10 @@ int wmain(int argc, WCHAR *argvW[])
return 0;
}
- key_name = argvW[2];
+ key_name = sanitize_path(argvW[2]);
+ if (!key_name)
+ return 1;
+
for (i = 1; i < argc; i++)
{
if (!lstrcmpiW(argvW[i], slashVW))
@@ -474,7 +494,10 @@ int wmain(int argc, WCHAR *argvW[])
return 0;
}
- key_name = argvW[2];
+ key_name = sanitize_path(argvW[2]);
+ if (!key_name)
+ return 1;
+
for (i = 1; i < argc; i++)
{
if (!lstrcmpiW(argvW[i], slashVW))
diff --git a/programs/reg/reg.rc b/programs/reg/reg.rc
index 479912b..6f4c0c8 100644
--- a/programs/reg/reg.rc
+++ b/programs/reg/reg.rc
@@ -33,6 +33,6 @@ STRINGTABLE
STRING_SUCCESS, "The operation completed successfully\n"
STRING_INVALID_KEY, "Error: Invalid key name\n"
STRING_INVALID_CMDLINE, "Error: Invalid command line parameters\n"
- STRING_NO_REMOTE, "Error: Unable to add keys to remote machine\n"
+ STRING_NO_REMOTE, "Error: Unable to access remote machine\n"
STRING_CANNOT_FIND, "Error: The system was unable to find the specified registry key or value\n"
}
diff --git a/programs/reg/tests/reg.c b/programs/reg/tests/reg.c
index 3de6f70..1043929 100644
--- a/programs/reg/tests/reg.c
+++ b/programs/reg/tests/reg.c
@@ -107,7 +107,7 @@ static void test_add(void)
run_reg_exe("reg add \\\\HKCU\\" KEY_BASE "\\keytest1 /f", &r);
ok(r == REG_EXIT_FAILURE, "got exit code %u\n", r);
run_reg_exe("reg add HKCU\\" KEY_BASE "\\keytest2\\\\ /f", &r);
- todo_wine ok(r == REG_EXIT_FAILURE || broken(r == REG_EXIT_SUCCESS /* WinXP */),
+ ok(r == REG_EXIT_FAILURE || broken(r == REG_EXIT_SUCCESS /* WinXP */),
"got exit code %u\n", r);
run_reg_exe("reg add HKCU\\" KEY_BASE "\\keytest3\\ /f", &r);
--
2.1.1
More information about the wine-patches
mailing list