[PATCH 2/3] regedit: Validate REG_SZ import data before processing it any further
Hugh McMaster
hugh.mcmaster at outlook.com
Wed Apr 12 08:45:23 CDT 2017
Signed-off-by: Hugh McMaster <hugh.mcmaster at outlook.com>
---
programs/regedit/regproc.c | 21 +++++++++++++++++++++
programs/regedit/tests/regedit.c | 14 +++++++-------
2 files changed, 28 insertions(+), 7 deletions(-)
diff --git a/programs/regedit/regproc.c b/programs/regedit/regproc.c
index 96c4564..4889915 100644
--- a/programs/regedit/regproc.c
+++ b/programs/regedit/regproc.c
@@ -390,6 +390,25 @@ static const WCHAR *reg_type_to_wchar(DWORD type)
return NULL;
}
+static BOOL validate_reg_sz_data(WCHAR *str)
+{
+ WCHAR *p, *end;
+
+ if (!*str || !(p = strchrW(str, '"')))
+ return FALSE;
+
+ while (*p && *(p - 1) == '\\')
+ p = strchrW(++p, '"');
+ if (!p) return FALSE;
+
+ end = ++p;
+ while (*p == ' ' || *p == '\t') p++;
+ if (*p && *p != ';') return FALSE;
+
+ *end = 0;
+ return TRUE;
+}
+
/******************************************************************************
* Sets the value with name val_name to the data in val_data for the currently
* opened key.
@@ -420,6 +439,8 @@ static LONG setValue(WCHAR* val_name, WCHAR* val_data, BOOL is_unicode)
if (dwParseType == REG_SZ) /* no conversion for string */
{
+ if (!validate_reg_sz_data(val_data))
+ return ERROR_INVALID_DATA;
dwLen = REGPROC_unescape_string(val_data);
if(!dwLen || val_data[dwLen-1] != '"')
return ERROR_INVALID_DATA;
diff --git a/programs/regedit/tests/regedit.c b/programs/regedit/tests/regedit.c
index 9ff760a..4a7894f 100644
--- a/programs/regedit/tests/regedit.c
+++ b/programs/regedit/tests/regedit.c
@@ -543,8 +543,8 @@ static void test_invalid_import(void)
"[HKEY_CURRENT_USER\\" KEY_BASE "]\n"
"\"Test15a\"=\"foo\"bar\"\n"
"\"Test15b\"=\"foo\"\"bar\"\n\n");
- todo_wine verify_reg_nonexist(hkey, "Test15a");
- todo_wine verify_reg_nonexist(hkey, "Test15b");
+ verify_reg_nonexist(hkey, "Test15a");
+ verify_reg_nonexist(hkey, "Test15b");
exec_import_str("REGEDIT4\n\n"
"[HKEY_CURRENT_USER\\" KEY_BASE "]\n"
@@ -590,7 +590,7 @@ static void test_comments(void)
"\"Wine5\"=dword:01020304 #comment\n"
"\"Wine6\"=dword:02040608 ;comment\n\n");
verify_reg_nonexist(hkey, "Wine3");
- todo_wine verify_reg(hkey, "Wine4", REG_SZ, "Value 2", 8, 0);
+ verify_reg(hkey, "Wine4", REG_SZ, "Value 2", 8, 0);
verify_reg_nonexist(hkey, "Wine5");
dword = 0x2040608;
verify_reg(hkey, "Wine6", REG_DWORD, &dword, sizeof(dword), 0);
@@ -622,9 +622,9 @@ static void test_comments(void)
verify_reg_nonexist(hkey, "Comment2");
verify_reg_nonexist(hkey, "Comment3");
verify_reg_nonexist(hkey, "Comment4");
- todo_wine verify_reg_nonexist(hkey, "Wine11");
+ verify_reg_nonexist(hkey, "Wine11");
verify_reg_nonexist(hkey, "Comment5");
- verify_reg(hkey, "Wine12", REG_SZ, "Value 7", 8, TODO_REG_SIZE|TODO_REG_DATA);
+ verify_reg(hkey, "Wine12", REG_SZ, "Value 7", 8, 0);
verify_reg_nonexist(hkey, "Comment6");
exec_import_str("REGEDIT4\n\n"
@@ -673,8 +673,8 @@ static void test_comments(void)
"\"Wine26b\"=\"Value2\"\t\t;comment\n"
"\"Wine26c\"=\"Value3\" #comment\n"
"\"Wine26d\"=\"Value4\"\t\t#comment\n\n");
- todo_wine verify_reg(hkey, "Wine26a", REG_SZ, "Value1", 7, 0);
- todo_wine verify_reg(hkey, "Wine26b", REG_SZ, "Value2", 7, 0);
+ verify_reg(hkey, "Wine26a", REG_SZ, "Value1", 7, 0);
+ verify_reg(hkey, "Wine26b", REG_SZ, "Value2", 7, 0);
verify_reg_nonexist(hkey, "Wine26c");
verify_reg_nonexist(hkey, "Wine26d");
--
2.7.4
More information about the wine-patches
mailing list