-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Am 2014-11-04 21:15, schrieb Jonathan Vollebregt:

+static BOOL sane_path(const WCHAR *key) +{ + int i = strlenW(key); + + if (i < 3 || (key[i - 1] == '\\' && key[i - 2] == '\\')) + { + reg_print_error(ERROR_BADKEY); + return FALSE; + } I think I have asked this a few times, please forgive me if I forgot the answer: Did you test if RegAddKey and friends handle this for you? dlls/advapi32/tests/registry.c would profit from some tests for the error cases you have in programs/reg/tests/reg.c .

+ if (!sane_path(key_name)) + return 1; + for (i = 1; i < argc; i++) { if (!lstrcmpiW(argvW[i], slashVW)) @@ -471,6 +485,9 @@ int wmain(int argc, WCHAR *argvW[]) }

key_name = argvW[2]; + if (!sane_path(key_name)) + return 1; + for (i = 1; i < argc; i++) { if (!lstrcmpiW(argvW[i], slashVW)) @@ -502,6 +519,9 @@ int wmain(int argc, WCHAR *argvW[]) }

key_name = argvW[2]; + if (!sane_path(key_name)) + return 1; + The helper function is a good idea if the answer to the above question is "no", but what's the advantage of calling it from main 3 times instead of reg_add, reg_delete and reg_query? All the other validation is done in reg_* .

For consistency with the other functions it would be a good idea to return ERROR_BADKEY / ERROR_NO_REMOTE here and call reg_print_error in the caller. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBAgAGBQJUWUE0AAoJEN0/YqbEcdMwNIUP/0bcqgtH0ZPZ3DXmSVYRGq2I mUZmHxZHuGYdfWuiFKt6TjbcVUw/WNNuWn/1hTiSQC4A1wZvnvvT5w6dpKpyd1mP x48OXBPWg1hBALFvqxpK+x9CLUB745ms62wblfsltmJDei/EBnWTXy0jZn4rEshc jqTWesiieev/iaet+QbChMd+28RJmr3MoOaJkYOihi4SnLo6nXD0pcPL+tc3vtpW R0JA0GxmWNUVlqKuvqYvSIEMHoI6XwqL/Zlbr5PP11NtAmEzIEFfMUZ4uXQVY3vy C4qWcQctvQ8Akg+chmpoyZMYJ6+s3udpedzA2RhcKSymFgDRTXwdYnVFTK6BA1Pt jODRZ1RAOG9ShZMzIRNaIK7sBxYbK+wYxQpUvw5Xd5AuDnd2PUNJXnnvNMqW0c3x ZP5NxOpHucmgUgdSxPc0kwTLyC3Dg7KU1npUsxDnpZqgS9nSWZo/ZRp3kuNac6Z3 MSb3gLpvKDK/0mK09dGwJwCNHsIFfg67hjRVcswM4h/9O4gxWQ9tUzW/dwgT343+ iLaso6+Icvq4OFtXnZbZX8yPpK7j7oJgC/YFn94ib1Wz8PwMGb97OEPYF2IEsKWi xBLLDA976QeNKhb7Uxyg3Mr1ER3K4gaCHe0DCG5p4gfdGv5XhlaSOCGAdw/1UFFE IbSp8XZrbY+ZX0Psx/QW =FiSK -----END PGP SIGNATURE-----