From 73a27600f4a4f8e09ee7341acbaeeb3172c27f51 Mon Sep 17 00:00:00 2001 From: Rafal Harabien Date: Thu, 17 Nov 2011 16:44:51 +0000 Subject: [PATCH] [KERNEL32] - Make sure GetEnvironmentVariableW does not use uninitialized variable - Fix GetDllLoadPath not terminating string with NULL if PATH env variable is not defined. Fixes hang on manual INF selection in New Device wizard. See issue #6480 for more details. svn path=/trunk/; revision=54406 --- reactos/dll/win32/kernel32/client/environ.c | 3 +- reactos/dll/win32/kernel32/client/loader.c | 50 +++++++++++++++------ 2 files changed, 38 insertions(+), 15 deletions(-) diff --git a/reactos/dll/win32/kernel32/client/environ.c b/reactos/dll/win32/kernel32/client/environ.c index 90c70eba564..119791a7699 100644 --- a/reactos/dll/win32/kernel32/client/environ.c +++ b/reactos/dll/win32/kernel32/client/environ.c @@ -182,11 +182,10 @@ GetEnvironmentVariableW(IN LPCWSTR lpName, UniSize = UNICODE_STRING_MAX_BYTES - sizeof(UNICODE_NULL); } + RtlInitEmptyUnicodeString(&VarValue, lpBuffer, UniSize); Status = RtlInitUnicodeStringEx(&VarName, lpName); if (NT_SUCCESS(Status)) { - RtlInitEmptyUnicodeString(&VarValue, lpBuffer, UniSize); - Status = RtlQueryEnvironmentVariable_U(NULL, &VarName, &VarValue); if (!NT_SUCCESS(Status)) { diff --git a/reactos/dll/win32/kernel32/client/loader.c b/reactos/dll/win32/kernel32/client/loader.c index 644dc80411b..d28387a054d 100644 --- a/reactos/dll/win32/kernel32/client/loader.c +++ b/reactos/dll/win32/kernel32/client/loader.c @@ -80,7 +80,7 @@ BasepMapModuleHandle(HMODULE hModule, BOOLEAN AsDataFile) LPWSTR GetDllLoadPath(LPCWSTR lpModule) { - ULONG Pos = 0, Length = 0; + ULONG Pos = 0, Length = 4, Tmp; PWCHAR EnvironmentBufferW = NULL; LPCWSTR lpModuleEnd = NULL; UNICODE_STRING ModuleName; 
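Review bot: The reason `RtlInitEmptyUnicodeString(&VarValue, lpBuffer, UniSize)` now has to run before the `NT_SUCCESS(Status)` check in GetEnvironmentVariableW is not recorded in the code, so a later cleanup could move it back inside the branch. A one-line comment above the call would prevent that, for example `/* Initialise VarValue up front: it must be valid even if RtlInitUnicodeStringEx fails */`. The code that reads VarValue after a failed name initialisation lies outside this hunk, so which fields it relies on should be confirmed there.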
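Review bot: The new initial value in `ULONG Pos = 0, Length = 4, Tmp;` is an unexplained constant, yet the allocation size and every `Length - Pos` bound later in GetDllLoadPath depend on it. If it reserves room for the `;` separators, say so in a comment such as `/* room for the ';' separators appended between path components */`. The count also needs checking: the later hunks append up to five separators when lpModule is set. The statements that add the component lengths to Length are outside this hunk, so the slack they contribute cannot be judged from here.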
@@ -88,7 +88,7 @@ GetDllLoadPath(LPCWSTR lpModule) // FIXME: This function is used only by SearchPathW, and is deprecated and will be deleted ASAP. - if ((lpModule != NULL) && (wcslen(lpModule) > 2) && (lpModule[1] == ':')) + if (lpModule != NULL && wcslen(lpModule) > 2 && lpModule[1] == ':') { lpModuleEnd = lpModule + wcslen(lpModule); } @@ -116,10 +116,10 @@ GetDllLoadPath(LPCWSTR lpModule) Length += GetEnvironmentVariableW(L"PATH", NULL, 0); EnvironmentBufferW = RtlAllocateHeap(RtlGetProcessHeap(), 0, - Length * sizeof(WCHAR)); + (Length + 1) * sizeof(WCHAR)); if (EnvironmentBufferW == NULL) { - return NULL; + return NULL; } if (lpModule) 
@@ -130,15 +130,39 @@ GetDllLoadPath(LPCWSTR lpModule) EnvironmentBufferW[Pos++] = L';'; } - Pos += GetCurrentDirectoryW(Length, EnvironmentBufferW + Pos); - EnvironmentBufferW[Pos++] = L';'; - Pos += GetDllDirectoryW(Length - Pos, EnvironmentBufferW + Pos); - EnvironmentBufferW[Pos++] = L';'; - Pos += GetSystemDirectoryW(EnvironmentBufferW + Pos, Length - Pos); - EnvironmentBufferW[Pos++] = L';'; - Pos += GetWindowsDirectoryW(EnvironmentBufferW + Pos, Length - Pos); - EnvironmentBufferW[Pos++] = L';'; - Pos += GetEnvironmentVariableW(L"PATH", EnvironmentBufferW + Pos, Length - Pos); + Tmp = GetCurrentDirectoryW(Length, EnvironmentBufferW + Pos); + if(Tmp > 0 && Tmp < Length - Pos) + { + Pos += Tmp; + if(Pos < Length) EnvironmentBufferW[Pos++] = L';'; + } + + Tmp = GetDllDirectoryW(Length - Pos, EnvironmentBufferW + Pos); + if(Tmp > 0 && Tmp < Length - Pos) + { + Pos += Tmp; + if(Pos < Length) EnvironmentBufferW[Pos++] = L';'; + } + + Tmp = GetSystemDirectoryW(EnvironmentBufferW + Pos, Length - Pos); + if(Tmp > 0 && Tmp < Length - Pos) + { + Pos += Tmp; + if(Pos < Length) EnvironmentBufferW[Pos++] = L';'; + } + + Tmp = GetWindowsDirectoryW(EnvironmentBufferW + Pos, Length - Pos); + if(Tmp > 0 && Tmp < Length - Pos) + { + Pos += Tmp; + if(Pos < Length) EnvironmentBufferW[Pos++] = L';'; + } + + Tmp = GetEnvironmentVariableW(L"PATH", EnvironmentBufferW + Pos, Length - Pos); + + /* Make sure buffer is null terminated */ + EnvironmentBufferW[Pos++] = UNICODE_NULL; + SetLastError(LastError); return EnvironmentBufferW;
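Review bot: The result of the final `Tmp = GetEnvironmentVariableW(L"PATH", ...)` call is never added to Pos, so `EnvironmentBufferW[Pos++] = UNICODE_NULL` writes the terminator over the first character of the PATH text just copied. The returned search path therefore never contains PATH. Following the pattern of the four blocks above it, `if (Tmp > 0 && Tmp < Length - Pos) Pos += Tmp;` before the terminator would keep the PATH entries and still leave the write in bounds of the `Length + 1` allocation. Separately, the first call still passes the full `Length` as the buffer size although it writes at `EnvironmentBufferW + Pos`; the other calls pass `Length - Pos`, and this one should too: `GetCurrentDirectoryW(Length - Pos, EnvironmentBufferW + Pos)`. The start of GetDllLoadPath, where Length is presumably accumulated from sizing calls, lies outside this hunk.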