From: Jonathan Vollebregt Subject: [PATCH 1/6] reg: Sanitize key paths in main Message-Id: <1414411809-1943-1-git-send-email-jnvsor@gmail.com> Date: Mon, 27 Oct 2014 13:10:04 +0100 Checks against backslashes at the start and end of a key. Strips single backslash from end for ease of parsing later on. --- programs/reg/reg.c | 53 ++++++++++++++++++++++++++++++++++-------------- programs/reg/reg.rc | 2 +- programs/reg/tests/reg.c | 2 +- 3 files changed, 40 insertions(+), 17 deletions(-) mode change 100644 => 100755 programs/reg/reg.c diff --git a/programs/reg/reg.c b/programs/reg/reg.c old mode 100644 new mode 100755 index d299cbf..6ff1707 --- a/programs/reg/reg.c +++ b/programs/reg/reg.c @@ -67,6 +67,32 @@ static int reg_message(int msg) return reg_printfW(formatW, msg_buffer); } +static WCHAR *sanitize_path(WCHAR *key){ + int i; + + if (key[0] == '\\') + { + if (key[1] == '\\') + reg_message(STRING_NO_REMOTE); + else + reg_message(STRING_INVALID_KEY); + + return NULL; + } + + i = strlenW(key); + if (key[i - 1] == '\\') + key[i - 1] = 0; + + if (key[i - 2] == '\\') + { + reg_message(STRING_INVALID_KEY); + return NULL; + } + + return key; +} + static HKEY get_rootkey(LPWSTR key) { static const WCHAR szHKLM[] = {'H','K','L','M',0}; @@ -173,12 +199,6 @@ static int reg_add(WCHAR *key_name, WCHAR *value_name, BOOL value_empty, reg_printfW(stubW, key_name, value_name, value_empty, type, data, force); - if (key_name[0]=='\\' && key_name[1]=='\\') - { - reg_message(STRING_NO_REMOTE); - return 1; - } - p = strchrW(key_name,'\\'); if (!p) { @@ -246,12 +266,6 @@ static int reg_delete(WCHAR *key_name, WCHAR *value_name, BOOL value_empty, ,0}; reg_printfW(stubW, key_name, value_name, value_empty, value_all, force); - if (key_name[0]=='\\' && key_name[1]=='\\') - { - reg_message(STRING_NO_REMOTE); - return 1; - } - p = strchrW(key_name,'\\'); if (!p) { @@ -407,7 +421,10 @@ int wmain(int argc, WCHAR *argvW[]) return 0; } - key_name = argvW[2]; + key_name = sanitize_path(argvW[2]); + if (!key_name) + return 1; + for (i = 1; i < argc; i++) { if (!lstrcmpiW(argvW[i], slashVW)) @@ -443,7 +460,10 @@ int wmain(int argc, WCHAR *argvW[]) return 0; } - key_name = argvW[2]; + key_name = sanitize_path(argvW[2]); + if (!key_name) + return 1; + for (i = 1; i < argc; i++) { if (!lstrcmpiW(argvW[i], slashVW)) @@ -474,7 +494,10 @@ int wmain(int argc, WCHAR *argvW[]) return 0; } - key_name = argvW[2]; + key_name = sanitize_path(argvW[2]); + if (!key_name) + return 1; + for (i = 1; i < argc; i++) { if (!lstrcmpiW(argvW[i], slashVW)) diff --git a/programs/reg/reg.rc b/programs/reg/reg.rc index 479912b..6f4c0c8 100644 --- a/programs/reg/reg.rc +++ b/programs/reg/reg.rc @@ -33,6 +33,6 @@ STRINGTABLE STRING_SUCCESS, "The operation completed successfully\n" STRING_INVALID_KEY, "Error: Invalid key name\n" STRING_INVALID_CMDLINE, "Error: Invalid command line parameters\n" - STRING_NO_REMOTE, "Error: Unable to add keys to remote machine\n" + STRING_NO_REMOTE, "Error: Unable to access remote machine\n" STRING_CANNOT_FIND, "Error: The system was unable to find the specified registry key or value\n" } diff --git a/programs/reg/tests/reg.c b/programs/reg/tests/reg.c index 3de6f70..1043929 100644 --- a/programs/reg/tests/reg.c +++ b/programs/reg/tests/reg.c @@ -107,7 +107,7 @@ static void test_add(void) run_reg_exe("reg add \\\\HKCU\\" KEY_BASE "\\keytest1 /f", &r); ok(r == REG_EXIT_FAILURE, "got exit code %u\n", r); run_reg_exe("reg add HKCU\\" KEY_BASE "\\keytest2\\\\ /f", &r); - todo_wine ok(r == REG_EXIT_FAILURE || broken(r == REG_EXIT_SUCCESS /* WinXP */), + ok(r == REG_EXIT_FAILURE || broken(r == REG_EXIT_SUCCESS /* WinXP */), "got exit code %u\n", r); run_reg_exe("reg add HKCU\\" KEY_BASE "\\keytest3\\ /f", &r); -- 2.1.1