Michael Karcher : advpack: Fix buffer sizes for possibly quoted strings. - wine-commits

30 May 2008

Module: wine
Branch: master
Commit: 98778f486a43b72e1d4fe1f7cfc8d7ecfc78dad2
URL:    http://source.winehq.org/git/wine.git/?a=commit;h=98778f486a43b72e1d4fe1f7cf...
Author: Michael Karcher wine@mkarcher.dialup.fu-berlin.de
Date:   Thu May 29 17:35:03 2008 +0200
advpack: Fix buffer sizes for possibly quoted strings.
---
dlls/advpack/advpack.c       |   10 +++---
 dlls/advpack/tests/advpack.c |   57 ++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 62 insertions(+), 5 deletions(-)

diff --git a/dlls/advpack/advpack.c b/dlls/advpack/advpack.c
index 8ef1c9a..6c26e51 100644
--- a/dlls/advpack/advpack.c
+++ b/dlls/advpack/advpack.c
@@ -68,8 +68,8 @@ static void strip_quotes(WCHAR *buffer, DWORD *size)
 static void get_dest_dir(HINF hInf, PCWSTR pszSection, PWSTR pszBuffer, DWORD dwSize)
 {
     INFCONTEXT context;
-    WCHAR key[MAX_PATH], value[MAX_PATH];
-    WCHAR prefix[PREFIX_LEN];
+    WCHAR key[MAX_PATH + 2], value[MAX_PATH + 2];
+    WCHAR prefix[PREFIX_LEN + 2];
     HKEY root, subkey;
     DWORD size;
@@ -78,11 +78,11 @@ static void get_dest_dir(HINF hInf, PCWSTR pszSection, PWSTR pszBuffer, DWORD dw
/* load the destination parameters */
     SetupFindFirstLineW(hInf, pszSection, NULL, &context);
-    SetupGetStringFieldW(&context, 1, prefix, PREFIX_LEN, &size);
+    SetupGetStringFieldW(&context, 1, prefix, PREFIX_LEN + 2, &size);
     strip_quotes(prefix, &size);
-    SetupGetStringFieldW(&context, 2, key, MAX_PATH, &size);
+    SetupGetStringFieldW(&context, 2, key, MAX_PATH + 2, &size);
     strip_quotes(key, &size);
-    SetupGetStringFieldW(&context, 3, value, MAX_PATH, &size);
+    SetupGetStringFieldW(&context, 3, value, MAX_PATH + 2, &size);
     strip_quotes(value, &size);
if (!lstrcmpW(prefix, hklm))
diff --git a/dlls/advpack/tests/advpack.c b/dlls/advpack/tests/advpack.c
index b90df2d..e761577 100644
--- a/dlls/advpack/tests/advpack.c
+++ b/dlls/advpack/tests/advpack.c
@@ -465,6 +465,63 @@ static void translateinfstringex_test(void)
     ok(hr == S_OK, "Expected S_OK, got %08x\n", hr);
DeleteFileA(inf_file);
+
+    /* Create another .inf file which is just here to trigger a wine bug */
+    {
+        char data[1024];
+        char *ptr = data;
+        DWORD dwNumberOfBytesWritten;
+        HANDLE hf = CreateFile(inf_file, GENERIC_WRITE, 0, NULL,
+                           CREATE_ALWAYS, FILE_ATTRIBUTE_NORMAL, NULL);
+
+        append_str(&ptr, "[Version]\n");
+        append_str(&ptr, "Signature="$Chicago$"\n");
+        append_str(&ptr, "[section]\n");
+        append_str(&ptr, "NotACustomDestination=Version\n");
+        append_str(&ptr, "CustomDestination=CustInstDestSection\n");
+        append_str(&ptr, "[CustInstDestSection]\n");
+        append_str(&ptr, "49010=DestA,1\n");
+        append_str(&ptr, "49020=DestB\n");
+        append_str(&ptr, "49030=DestC\n");
+        append_str(&ptr, "49040=DestD\n");
+        append_str(&ptr, "[Options.NTx86]\n");
+        append_str(&ptr, "Result2=%%49030%%\n");
+        append_str(&ptr, "[DestA]\n");
+        append_str(&ptr, "HKLM,"Software\Garbage","ProgramFilesDir",,'%%24%%'\n");
+        /* The point of this test is to have HKCU just before the quoted HKLM */
+        append_str(&ptr, "[DestB]\n");
+        append_str(&ptr, "HKCU,"Software\Garbage","ProgramFilesDir",,'%%24%%'\n");
+        append_str(&ptr, "[DestC]\n");
+        append_str(&ptr, "'HKLM','Software\Microsoft\Windows\CurrentVersion',");
+        append_str(&ptr, "'ProgramFilesDir',,"%%24%%"\n");
+        append_str(&ptr, "[DestD]\n");
+        append_str(&ptr, "HKLM,"Software\Garbage","ProgramFilesDir",,'%%24%%'\n");
+
+        WriteFile(hf, data, ptr - data, &dwNumberOfBytesWritten, NULL);
+        CloseHandle(hf);
+    }
+
+    /* open the inf with the install section */
+    hr = pOpenINFEngine(inf_file, "section", 0, &hinf, NULL);
+    ok(hr == S_OK, "Expected S_OK, got %08x\n", hr);
+
+    /* Single quote test (Note size includes null on return from call) */
+    memset(buffer, 'a', APP_PATH_LEN);
+    buffer[APP_PATH_LEN - 1] = '\0';
+    size = MAX_PATH;
+    hr = pTranslateInfStringEx(hinf, inf_file, "Options.NTx86", "Result2",
+                              buffer, size, &size, NULL);
+    ok(hr == S_OK, "Expected S_OK, got %08x\n", hr);
+    ok(!lstrcmpi(buffer, PROG_FILES_ROOT),
+           "Expected %s, got %s\n", PROG_FILES_ROOT, buffer);
+    ok(size == lstrlenA(PROG_FILES_ROOT)+1, "Expected size %d, got %d\n",
+           lstrlenA(PROG_FILES_ROOT)+1, size);
+
+    /* close the INF again */
+    hr = pCloseINFEngine(hinf);
+    ok(hr == S_OK, "Expected S_OK, got %08x\n", hr);
+
+    DeleteFileA(inf_file);
 }
static BOOL check_reg_str(HKEY hkey, LPCSTR name, LPCSTR value)

    