Intravision/reactos
1
0
Fork 0
mirror of https://github.com/reactos/reactos.git synced 2025-08-05 21:12:59 +00:00
Code Issues Projects Releases Packages Wiki Activity

[REGEDIT] Use <strsafe.h> functions strictly (#5825)

Browse source 
Use safer functions for buffer manipulation to avoid buffer overflow/overrun.
CORE-18876
This commit is contained in:
Katayama Hirofumi MZ 2023-10-26 10:09:31 +09:00 committed by GitHub
parent 9360423cc2
commit 8cef980ab9
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
6 changed files with 38 additions and 34 deletions
Download patch file Download diff file Expand all files Collapse all files

9
base/applications/regedit/childwnd.c
View file

@ -177,7 +177,7 @@ static void SuggestKeys(HKEY hRootKey, LPCWSTR pszKeyPath, LPWSTR pszSuggestions
RegCloseKey(hOtherKey); RegCloseKey(hOtherKey);
bFound = TRUE; bFound = TRUE;
wcscpy(szLastFound, szBuffer); StringCbCopyW(szLastFound, sizeof(szLastFound), szBuffer);
pszKeyPath = szLastFound; pszKeyPath = szLastFound;
} }
} }
@ -258,10 +258,11 @@ UpdateAddress(HTREEITEM hItem, HKEY hRootKey, LPCWSTR pszPath, BOOL bSelectNone)
if (fullPath) if (fullPath)
{ {
/* set (correct) the address bar text */ /* set (correct) the address bar text */
if (keyPath[0] != L'\0') if (keyPath[0] != UNICODE_NULL)
swprintf(fullPath, L"%s%s%s", rootName, keyPath[0]==L'\\'?L"":L"\\", keyPath); StringCbPrintfW(fullPath, cbFullPath, L"%s%s%s", rootName,
((keyPath[0] == L'\\') ? L"" : L"\\"), keyPath);
else else
fullPath = wcscpy(fullPath, rootName); StringCbCopyW(fullPath, cbFullPath, rootName);
SendMessageW(hStatusBar, SB_SETTEXTW, 0, (LPARAM)fullPath); SendMessageW(hStatusBar, SB_SETTEXTW, 0, (LPARAM)fullPath);
SendMessageW(g_pChildWnd->hAddressBarWnd, WM_SETTEXT, 0, (LPARAM)fullPath); SendMessageW(g_pChildWnd->hAddressBarWnd, WM_SETTEXT, 0, (LPARAM)fullPath);

26
base/applications/regedit/edit.c
View file

@ -50,10 +50,10 @@ void error(HWND hwnd, INT resId, ...)
hInstance = GetModuleHandle(0); hInstance = GetModuleHandle(0);
if (!LoadStringW(hInstance, IDS_ERROR, title, ARRAY_SIZE(title))) if (!LoadStringW(hInstance, IDS_ERROR, title, ARRAY_SIZE(title)))
wcscpy(title, L"Error"); StringCbCopyW(title, sizeof(title), L"Error");
if (!LoadStringW(hInstance, resId, errfmt, ARRAY_SIZE(errfmt))) if (!LoadStringW(hInstance, resId, errfmt, ARRAY_SIZE(errfmt)))
wcscpy(errfmt, L"Unknown error string!"); StringCbCopyW(errfmt, sizeof(errfmt), L"Unknown error string!");
va_start(ap, resId); va_start(ap, resId);
_vsnwprintf(errstr, ARRAY_SIZE(errstr), errfmt, ap); _vsnwprintf(errstr, ARRAY_SIZE(errstr), errfmt, ap);
@ -66,7 +66,7 @@ static void error_code_messagebox(HWND hwnd, DWORD error_code)
{ {
WCHAR title[256]; WCHAR title[256];
if (!LoadStringW(hInst, IDS_ERROR, title, ARRAY_SIZE(title))) if (!LoadStringW(hInst, IDS_ERROR, title, ARRAY_SIZE(title)))
wcscpy(title, L"Error"); StringCbCopyW(title, sizeof(title), L"Error");
ErrorMessageBox(hwnd, title, error_code); ErrorMessageBox(hwnd, title, error_code);
} }
@ -81,13 +81,13 @@ void warning(HWND hwnd, INT resId, ...)
hInstance = GetModuleHandle(0); hInstance = GetModuleHandle(0);
if (!LoadStringW(hInstance, IDS_WARNING, title, ARRAY_SIZE(title))) if (!LoadStringW(hInstance, IDS_WARNING, title, ARRAY_SIZE(title)))
wcscpy(title, L"Warning"); StringCbCopyW(title, sizeof(title), L"Warning");
if (!LoadStringW(hInstance, resId, errfmt, ARRAY_SIZE(errfmt))) if (!LoadStringW(hInstance, resId, errfmt, ARRAY_SIZE(errfmt)))
wcscpy(errfmt, L"Unknown error string!"); StringCbCopyW(errfmt, sizeof(errfmt), L"Unknown error string!");
va_start(ap, resId); va_start(ap, resId);
_vsnwprintf(errstr, ARRAY_SIZE(errstr), errfmt, ap); StringCbVPrintfW(errstr, sizeof(errstr), errfmt, ap);
va_end(ap); va_end(ap);
MessageBoxW(hwnd, errstr, title, MB_OK | MB_ICONSTOP); MessageBoxW(hwnd, errstr, title, MB_OK | MB_ICONSTOP);
@ -304,7 +304,7 @@ INT_PTR CALLBACK modify_dword_dlgproc(HWND hwndDlg, UINT uMsg, WPARAM wParam, LP
SetDlgItemTextW(hwndDlg, IDC_VALUE_NAME, buffer); SetDlgItemTextW(hwndDlg, IDC_VALUE_NAME, buffer);
} }
CheckRadioButton (hwndDlg, IDC_FORMAT_HEX, IDC_FORMAT_DEC, IDC_FORMAT_HEX); CheckRadioButton (hwndDlg, IDC_FORMAT_HEX, IDC_FORMAT_DEC, IDC_FORMAT_HEX);
swprintf(ValueString, L"%lx", dwordValueData); StringCbPrintfW(ValueString, sizeof(ValueString), L"%lx", dwordValueData);
SetDlgItemTextW(hwndDlg, IDC_VALUE_DATA, ValueString); SetDlgItemTextW(hwndDlg, IDC_VALUE_DATA, ValueString);
SendMessage(GetDlgItem(hwndDlg, IDC_VALUE_DATA), EM_SETSEL, 0, -1); SendMessage(GetDlgItem(hwndDlg, IDC_VALUE_DATA), EM_SETSEL, 0, -1);
SetFocus(GetDlgItem(hwndDlg, IDC_VALUE_DATA)); SetFocus(GetDlgItem(hwndDlg, IDC_VALUE_DATA));
@ -327,7 +327,7 @@ INT_PTR CALLBACK modify_dword_dlgproc(HWND hwndDlg, UINT uMsg, WPARAM wParam, LP
} }
} }
} }
swprintf(ValueString, L"%lx", Value); StringCbPrintfW(ValueString, sizeof(ValueString), L"%lx", Value);
SetDlgItemTextW(hwndDlg, IDC_VALUE_DATA, ValueString); SetDlgItemTextW(hwndDlg, IDC_VALUE_DATA, ValueString);
return TRUE; return TRUE;
} }
@ -347,7 +347,7 @@ INT_PTR CALLBACK modify_dword_dlgproc(HWND hwndDlg, UINT uMsg, WPARAM wParam, LP
} }
} }
} }
swprintf(ValueString, L"%lu", Value); StringCbPrintfW(ValueString, sizeof(ValueString), L"%lu", Value);
SetDlgItemTextW(hwndDlg, IDC_VALUE_DATA, ValueString); SetDlgItemTextW(hwndDlg, IDC_VALUE_DATA, ValueString);
return TRUE; return TRUE;
} }
@ -1491,6 +1491,7 @@ LONG RenameKey(HKEY hKey, LPCWSTR lpSubKey, LPCWSTR lpNewName)
LPCWSTR s; LPCWSTR s;
LPWSTR lpNewSubKey = NULL; LPWSTR lpNewSubKey = NULL;
LONG Ret = 0; LONG Ret = 0;
SIZE_T cbNewSubKey;
if (!lpSubKey) if (!lpSubKey)
return Ret; return Ret;
@ -1499,11 +1500,12 @@ LONG RenameKey(HKEY hKey, LPCWSTR lpSubKey, LPCWSTR lpNewName)
if (s) if (s)
{ {
s++; s++;
lpNewSubKey = (LPWSTR) HeapAlloc(GetProcessHeap(), 0, (s - lpSubKey + wcslen(lpNewName) + 1) * sizeof(WCHAR)); cbNewSubKey = (s - lpSubKey + wcslen(lpNewName) + 1) * sizeof(WCHAR);
lpNewSubKey = (LPWSTR) HeapAlloc(GetProcessHeap(), 0, cbNewSubKey);
if (lpNewSubKey != NULL) if (lpNewSubKey != NULL)
{ {
memcpy(lpNewSubKey, lpSubKey, (s - lpSubKey) * sizeof(WCHAR)); StringCbCopyNW(lpNewSubKey, cbNewSubKey, lpSubKey, (s - lpSubKey) * sizeof(WCHAR));
wcscpy(lpNewSubKey + (s - lpSubKey), lpNewName); StringCbCatW(lpNewSubKey, cbNewSubKey, lpNewName);
lpNewName = lpNewSubKey; lpNewName = lpNewSubKey;
} }
else else

21
base/applications/regedit/find.c
View file

@ -144,7 +144,7 @@ BOOL RegFindRecurse(
if(wcslen(pszSubKey) >= _countof(szSubKey)) if(wcslen(pszSubKey) >= _countof(szSubKey))
return FALSE; return FALSE;
wcscpy(szSubKey, pszSubKey); StringCbCopyW(szSubKey, sizeof(szSubKey), pszSubKey);
hSubKey = NULL; hSubKey = NULL;
lResult = RegOpenKeyExW(hKey, szSubKey, 0, KEY_ALL_ACCESS, &hSubKey); lResult = RegOpenKeyExW(hKey, szSubKey, 0, KEY_ALL_ACCESS, &hSubKey);
@ -304,14 +304,14 @@ BOOL RegFindRecurse(
ppszFoundValueName)) ppszFoundValueName))
{ {
LPWSTR psz = *ppszFoundSubKey; LPWSTR psz = *ppszFoundSubKey;
*ppszFoundSubKey = malloc( SIZE_T cbFoundSubKey = (wcslen(szSubKey) + wcslen(psz) + 2) * sizeof(WCHAR);
(wcslen(szSubKey) + wcslen(psz) + 2) * sizeof(WCHAR)); *ppszFoundSubKey = malloc(cbFoundSubKey);
if (*ppszFoundSubKey == NULL) if (*ppszFoundSubKey == NULL)
goto err; goto err;
if (szSubKey[0]) if (szSubKey[0])
{ {
wcscpy(*ppszFoundSubKey, szSubKey); StringCbCopyW(*ppszFoundSubKey, cbFoundSubKey, szSubKey);
wcscat(*ppszFoundSubKey, s_backslash); StringCbCatW(*ppszFoundSubKey, cbFoundSubKey, s_backslash);
} }
else else
**ppszFoundSubKey = 0; **ppszFoundSubKey = 0;
@ -368,7 +368,7 @@ BOOL RegFindWalk(
ppszFoundValueName)) ppszFoundValueName))
return TRUE; return TRUE;
wcscpy(szSubKey, pszSubKey); StringCbCopyW(szSubKey, sizeof(szSubKey), pszSubKey);
while(szSubKey[0] != 0) while(szSubKey[0] != 0)
{ {
if (DoEvents()) if (DoEvents())
@ -460,15 +460,14 @@ BOOL RegFindWalk(
ppszFoundSubKey, ppszFoundValueName)) ppszFoundSubKey, ppszFoundValueName))
{ {
LPWSTR psz = *ppszFoundSubKey; LPWSTR psz = *ppszFoundSubKey;
*ppszFoundSubKey = malloc( SIZE_T cbFoundSubKey = (wcslen(szSubKey) + wcslen(psz) + 2) * sizeof(WCHAR);
(wcslen(szSubKey) + wcslen(psz) + 2) * *ppszFoundSubKey = malloc(cbFoundSubKey);
sizeof(WCHAR));
if (*ppszFoundSubKey == NULL) if (*ppszFoundSubKey == NULL)
goto err; goto err;
if (szSubKey[0]) if (szSubKey[0])
{ {
wcscpy(*ppszFoundSubKey, szSubKey); StringCbCopyW(*ppszFoundSubKey, cbFoundSubKey, szSubKey);
wcscat(*ppszFoundSubKey, s_backslash); StringCbCatW(*ppszFoundSubKey, cbFoundSubKey, s_backslash);
} }
else else
**ppszFoundSubKey = 0; **ppszFoundSubKey = 0;

8
base/applications/regedit/framewnd.c
View file

@ -138,7 +138,7 @@ static void OnMenuSelect(HWND hWnd, UINT nItemID, UINT nFlags, HMENU hSysMenu)
{ {
WCHAR str[100]; WCHAR str[100];
wcscpy(str, L""); str[0] = UNICODE_NULL;
if (nFlags & MF_POPUP) if (nFlags & MF_POPUP)
{ {
if (hSysMenu != GetMenu(hWnd)) if (hSysMenu != GetMenu(hWnd))
@ -814,6 +814,7 @@ BOOL CopyKeyName(HWND hWnd, HKEY hRootKey, LPCWSTR keyName)
WCHAR szBuffer[512]; WCHAR szBuffer[512];
HGLOBAL hGlobal; HGLOBAL hGlobal;
LPWSTR s; LPWSTR s;
SIZE_T cbGlobal;
if (!OpenClipboard(hWnd)) if (!OpenClipboard(hWnd))
goto done; goto done;
@ -825,12 +826,13 @@ BOOL CopyKeyName(HWND hWnd, HKEY hRootKey, LPCWSTR keyName)
if (!GetKeyName(szBuffer, ARRAY_SIZE(szBuffer), hRootKey, keyName)) if (!GetKeyName(szBuffer, ARRAY_SIZE(szBuffer), hRootKey, keyName))
goto done; goto done;
hGlobal = GlobalAlloc(GMEM_MOVEABLE, (wcslen(szBuffer) + 1) * sizeof(WCHAR)); cbGlobal = (wcslen(szBuffer) + 1) * sizeof(WCHAR);
hGlobal = GlobalAlloc(GMEM_MOVEABLE, cbGlobal);
if (!hGlobal) if (!hGlobal)
goto done; goto done;
s = GlobalLock(hGlobal); s = GlobalLock(hGlobal);
wcscpy(s, szBuffer); StringCbCopyW(s, cbGlobal, szBuffer);
GlobalUnlock(hGlobal); GlobalUnlock(hGlobal);
SetClipboardData(CF_UNICODETEXT, hGlobal); SetClipboardData(CF_UNICODETEXT, hGlobal);

3
base/applications/regedit/security.c
View file

@ -782,8 +782,7 @@ CRegKeySecurity_fnConstructor(LPWSTR lpRegKey,
obj->ObjectInfo = *ObjectInfo; obj->ObjectInfo = *ObjectInfo;
obj->Btn = Btn; obj->Btn = Btn;
obj->hRootKey = hRootKey; obj->hRootKey = hRootKey;
wcscpy(obj->szRegKey, StringCbCopyW(obj->szRegKey, sizeof(obj->szRegKey), lpRegKey);
lpRegKey);
} }
else else
SetLastError(ERROR_NOT_ENOUGH_MEMORY); SetLastError(ERROR_NOT_ENOUGH_MEMORY);

5
base/applications/regedit/txtproc.c
View file

@ -194,8 +194,9 @@ static WCHAR *
txt_build_subkey_path(LPCWSTR path, DWORD path_len, LPCWSTR subkey_name, DWORD subkey_len) txt_build_subkey_path(LPCWSTR path, DWORD path_len, LPCWSTR subkey_name, DWORD subkey_len)
{ {
WCHAR *subkey_path; WCHAR *subkey_path;
subkey_path = malloc((path_len + subkey_len + 2) * sizeof(WCHAR)); SIZE_T cb_subkey_path = (path_len + subkey_len + 2) * sizeof(WCHAR);
swprintf(subkey_path, L"%s\\%s", path, subkey_name); subkey_path = malloc(cb_subkey_path);
StringCbPrintfW(subkey_path, cb_subkey_path, L"%s\\%s", path, subkey_name);
return subkey_path; return subkey_path;
} }