-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi, I was on holiday when you sent these patches, sorry for the late review. Am 2014-12-13 um 18:06 schrieb Jonathan Vollebregt:

+static LSTATUS sane_path(const WCHAR *key) +{ + if (key[0] == '\\' && key[1] == '\\' && key[2] != '\\') + return ERROR_NO_REMOTE; + + return ERROR_SUCCESS; +} This adds (or rather extends) a possible out of bound array access.

Otherwise these patches look reasonable to me and worth review by others. A general note on the error handling code for other reviewers: Native reg.exe has very limited error reporting. With a few exceptions it just prints a generic message like "ERROR: INVALID SYNTAX" or something similar. I guess there are also some possible improvements on the output code as Bruno mentioned, but I think patch 3 is OK until (if ever) we have unified console output handling for all command line programs. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAEBAgAGBQJUrEB5AAoJEN0/YqbEcdMw8bUP/1dhlLDCE2kOZhLkhVXg0RVa BckpiGygdwfIIvGoyCaj6ObtgvrnYr7OMzZsruytK/X5UUvl+KsObctp8g1zjNY1 dFPQeBsra9TRtbtKTMX2pIdZS1wSNwWaOYrdZcKn5IkQfDWN0rwdKNujT8pAf+Ik 8dpFJUYtMjd6N0avPqphglRbW8rFhLhqYOlYuPjvzuEtBM11vGfy9mAp+sPA1ekX 8sRqGtn65w1JsT3cg054DvtY2xHNmRE5eTnrsbL7gqD/oljdPyU470eY6Vwofo3Z frAF8OKemJsU6MrxZLXe1US5GzyvvCRRpIBNcfrO6qzTTdio0/LBe77VDq9J0jAa GUWYFUtxIXw7Ccw1tNrxYp1JPo9bZnk5yONMMEAPfw2ij2iQCTvpv0lY9Kk58mqF kKzWrqzhVdi5aFGOGhnmrk7NZ4l8paA7Gk2S1c8IukWubww0hlOclrhrWDYpuEfJ ZKyGG8jFUvSjW3iTEES7NHMnCd+lWgaf+3TODrSGD5J/wdP6GQT9S78/HZ+SbM8m fxnvnDLylq9arQm3bh0wQy9ZoMCTMx4YtbTouQBpLZBDKAgZNK1BUC5sxP1NlO9P eP5JAZFHTzpGXCADkL+4OI4+ImG9mAMWGYytHGEQ3kwvAucNwTWP00twzMbSjHEX +8k+frQxyupijPZrL4vo =PJFk -----END PGP SIGNATURE-----