Intravision/reactos
1
0
Fork 0
mirror of https://github.com/reactos/reactos.git synced 2024-12-28 01:55:19 +00:00
Code Issues Projects Releases Packages Wiki Activity

[SHELL32] Stop SHELL_execute from always executing files (#4363)

Browse source 
CORE-18038
Add a check (PathIsExeW) to SHELL_execute to prevent it from executing non-exe files.
This commit is contained in:
Alex Miccolis 2022-02-15 17:54:20 -06:00 committed by GitHub
parent d64ab28b5f
commit 9b71653918
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 31 additions and 24 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

55
dll/win32/shell32/shlexec.cpp
View file

@ -25,6 +25,8 @@
WINE_DEFAULT_DEBUG_CHANNEL(exec); WINE_DEFAULT_DEBUG_CHANNEL(exec);
EXTERN_C BOOL PathIsExeW(LPCWSTR lpszPath);
#define SEE_MASK_CLASSALL (SEE_MASK_CLASSNAME | SEE_MASK_CLASSKEY) #define SEE_MASK_CLASSALL (SEE_MASK_CLASSNAME | SEE_MASK_CLASSKEY)
typedef UINT_PTR (*SHELL_ExecuteW32)(const WCHAR *lpCmd, WCHAR *env, BOOL shWait, typedef UINT_PTR (*SHELL_ExecuteW32)(const WCHAR *lpCmd, WCHAR *env, BOOL shWait,
@ -2139,32 +2141,37 @@ static BOOL SHELL_execute(LPSHELLEXECUTEINFOW sei, SHELL_ExecuteW32 execfunc)
lpFile = sei_tmp.lpFile; lpFile = sei_tmp.lpFile;
wcmd = wcmdBuffer; wcmd = wcmdBuffer;
len = lstrlenW(wszApplicationName) + 3;
if (sei_tmp.lpParameters[0])
len += 1 + lstrlenW(wszParameters);
if (len > wcmdLen)
{
wcmd = (LPWSTR)HeapAlloc(GetProcessHeap(), 0, len * sizeof(WCHAR));
wcmdLen = len;
}
swprintf(wcmd, L"\"%s\"", wszApplicationName);
if (sei_tmp.lpParameters[0])
{
strcatW(wcmd, L" ");
strcatW(wcmd, wszParameters);
}
retval = execfunc(wcmd, NULL, FALSE, &sei_tmp, sei); /* Only execute if it has an executable extension */
if (retval > 32) if (PathIsExeW(lpFile))
{ {
HeapFree(GetProcessHeap(), 0, wszApplicationName); len = lstrlenW(wszApplicationName) + 3;
if (wszParameters != parametersBuffer) if (sei_tmp.lpParameters[0])
HeapFree(GetProcessHeap(), 0, wszParameters); len += 1 + lstrlenW(wszParameters);
if (wszDir != dirBuffer) if (len > wcmdLen)
HeapFree(GetProcessHeap(), 0, wszDir); {
if (wcmd != wcmdBuffer) wcmd = (LPWSTR)HeapAlloc(GetProcessHeap(), 0, len * sizeof(WCHAR));
HeapFree(GetProcessHeap(), 0, wcmd); wcmdLen = len;
return TRUE; }
swprintf(wcmd, L"\"%s\"", wszApplicationName);
if (sei_tmp.lpParameters[0])
{
strcatW(wcmd, L" ");
strcatW(wcmd, wszParameters);
}
retval = execfunc(wcmd, NULL, FALSE, &sei_tmp, sei);
if (retval > 32)
{
HeapFree(GetProcessHeap(), 0, wszApplicationName);
if (wszParameters != parametersBuffer)
HeapFree(GetProcessHeap(), 0, wszParameters);
if (wszDir != dirBuffer)
HeapFree(GetProcessHeap(), 0, wszDir);
if (wcmd != wcmdBuffer)
HeapFree(GetProcessHeap(), 0, wcmd);
return TRUE;
}
} }
/* Else, try to find the executable */ /* Else, try to find the executable */