Cleanup in SetupGetInfFileListW:

- Better arguments check
- Rename pFileSpecification to pFullFileName
- Fix some possible buffer overflows spotted by w3seek

svn path=/trunk/; revision=21789
This commit is contained in:
Hervé Poussineau 2006-05-03 14:26:43 +00:00
parent 1b40c53f4c
commit f50109cbc7

View file

@ -2,7 +2,7 @@
* INF file parsing * INF file parsing
* *
* Copyright 2002 Alexandre Julliard for CodeWeavers * Copyright 2002 Alexandre Julliard for CodeWeavers
* 2005 Hervé Poussineau (hpoussin@reactos.org) * 2005-2006 Hervé Poussineau (hpoussin@reactos.org)
* *
* This library is free software; you can redistribute it and/or * This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public * modify it under the terms of the GNU Lesser General Public
@ -1968,8 +1968,8 @@ SetupGetInfFileListW(
OUT PDWORD RequiredSize OPTIONAL) OUT PDWORD RequiredSize OPTIONAL)
{ {
HANDLE hSearch; HANDLE hSearch;
LPWSTR pFileSpecification = NULL; LPWSTR pFullFileName = NULL;
LPWSTR pFileName; /* Pointer into pFileSpecification buffer */ LPWSTR pFileName; /* Pointer into pFullFileName buffer */
LPWSTR pBuffer = ReturnBuffer; LPWSTR pBuffer = ReturnBuffer;
WIN32_FIND_DATAW wfdFileInfo; WIN32_FIND_DATAW wfdFileInfo;
size_t len; size_t len;
@ -1985,38 +1985,55 @@ SetupGetInfFileListW(
SetLastError(ERROR_INVALID_PARAMETER); SetLastError(ERROR_INVALID_PARAMETER);
goto cleanup; goto cleanup;
} }
else if (ReturnBufferSize == 0 && ReturnBuffer != NULL)
{
SetLastError(ERROR_INVALID_PARAMETER);
goto cleanup;
}
else if (ReturnBufferSize > 0 && ReturnBuffer == NULL)
{
SetLastError(ERROR_INVALID_PARAMETER);
goto cleanup;
}
/* Allocate memory for file filter */ /* Allocate memory for file filter */
len = DirectoryPath ? strlenW(DirectoryPath) : MAX_PATH; if (DirectoryPath != NULL)
pFileSpecification = MyMalloc( /* "DirectoryPath\*.inf" form */
(len + 1 + strlenW(InfFileSpecification) + 1) * sizeof(WCHAR)); len = strlenW(DirectoryPath) + 1 + strlenW(InfFileSpecification) + 1;
if (!pFileSpecification) else
/* "%WINDIR%\Inf\*.inf" form */
len = MAX_PATH + 1 + strlenW(InfDirectory) + strlenW(InfFileSpecification) + 1;
pFullFileName = MyMalloc(len * sizeof(WCHAR));
if (pFullFileName == NULL)
{ {
SetLastError(ERROR_NOT_ENOUGH_MEMORY); SetLastError(ERROR_NOT_ENOUGH_MEMORY);
goto cleanup; goto cleanup;
} }
/* Fill file filter buffer */
if (DirectoryPath) if (DirectoryPath)
{ {
strcpyW(pFileSpecification, DirectoryPath); strcpyW(pFullFileName, DirectoryPath);
if (pFileSpecification[strlenW(pFileSpecification)] != '\\') if (pFullFileName[strlenW(pFullFileName) - 1] != '\\')
strcatW(pFileSpecification, BackSlash); strcatW(pFullFileName, BackSlash);
} }
else else
{ {
if (GetSystemWindowsDirectoryW(pFileSpecification, MAX_PATH) == 0) len = GetSystemWindowsDirectoryW(pFullFileName, MAX_PATH);
if (len == 0 || len > MAX_PATH)
goto cleanup; goto cleanup;
if (pFileSpecification[strlenW(pFileSpecification)] != '\\') if (pFullFileName[strlenW(pFullFileName) - 1] != '\\')
strcatW(pFileSpecification, BackSlash); strcatW(pFullFileName, BackSlash);
strcatW(pFileSpecification, InfDirectory); strcatW(pFullFileName, InfDirectory);
} }
pFileName = &pFileSpecification[strlenW(pFileSpecification)]; pFileName = &pFullFileName[strlenW(pFullFileName)];
/* Search for the first file */ /* Search for the first file */
strcpyW(pFileName, InfFileSpecification); strcpyW(pFileName, InfFileSpecification);
hSearch = FindFirstFileW(pFileSpecification, &wfdFileInfo); hSearch = FindFirstFileW(pFullFileName, &wfdFileInfo);
if (hSearch == INVALID_HANDLE_VALUE) if (hSearch == INVALID_HANDLE_VALUE)
{ {
TRACE("No file returned by %s\n", debugstr_w(pFileSpecification)); TRACE("No file returned by %s\n", debugstr_w(pFullFileName));
goto cleanup; goto cleanup;
} }
@ -2026,7 +2043,7 @@ SetupGetInfFileListW(
strcpyW(pFileName, wfdFileInfo.cFileName); strcpyW(pFileName, wfdFileInfo.cFileName);
hInf = SetupOpenInfFileW( hInf = SetupOpenInfFileW(
pFileSpecification, pFullFileName,
NULL, /* Inf class */ NULL, /* Inf class */
InfStyle, InfStyle,
NULL /* Error line */); NULL /* Error line */);
@ -2037,7 +2054,7 @@ SetupGetInfFileListW(
/* InfStyle was not correct. Skip this file */ /* InfStyle was not correct. Skip this file */
continue; continue;
} }
TRACE("Invalid .inf file %s\n", debugstr_w(pFileSpecification)); TRACE("Invalid .inf file %s\n", debugstr_w(pFullFileName));
continue; continue;
} }
@ -2067,7 +2084,7 @@ SetupGetInfFileListW(
*RequiredSize = requiredSize; *RequiredSize = requiredSize;
cleanup: cleanup:
MyFree(pFileSpecification); MyFree(pFullFileName);
return ret; return ret;
} }