Diaa Sami : cmd: Fixed a number of buffer overflows. - wine-commits

3 Mar 2009

Module: wine
Branch: master
Commit: 8ea1a12ed6b14497423c4114a6fc95bbcc31a322
URL:    http://source.winehq.org/git/wine.git/?a=commit;h=8ea1a12ed6b14497423c4114a6...
Author: Diaa Sami diaasami@gmail.com
Date:   Mon Mar  2 20:45:50 2009 +0200
cmd: Fixed a number of buffer overflows.
---
programs/cmd/Cs.rc      |    1 +
 programs/cmd/Da.rc      |    1 +
 programs/cmd/De.rc      |    1 +
 programs/cmd/En.rc      |    1 +
 programs/cmd/Es.rc      |    1 +
 programs/cmd/Fr.rc      |    1 +
 programs/cmd/Ja.rc      |    1 +
 programs/cmd/Ko.rc      |    1 +
 programs/cmd/Nl.rc      |    1 +
 programs/cmd/No.rc      |    1 +
 programs/cmd/Pl.rc      |    1 +
 programs/cmd/Pt.rc      |    1 +
 programs/cmd/Ru.rc      |    1 +
 programs/cmd/Si.rc      |    1 +
 programs/cmd/Tr.rc      |    1 +
 programs/cmd/wcmd.h     |    1 +
 programs/cmd/wcmdmain.c |   22 ++++++++++++----------
 17 files changed, 28 insertions(+), 10 deletions(-)

diff --git a/programs/cmd/Cs.rc b/programs/cmd/Cs.rc
index 4f6a385..15ece45 100644
--- a/programs/cmd/Cs.rc
+++ b/programs/cmd/Cs.rc
@@ -276,4 +276,5 @@ Zadejte HELP <p
   WCMD_CONSTITLE,"Wine Command Prompt"
   WCMD_VERSION,"CMD Version %s\n\n"
   WCMD_MOREPROMPT, "More? "
+  WCMD_LINETOOLONG, "The input line is too long.\n"
 }
diff --git a/programs/cmd/Da.rc b/programs/cmd/Da.rc
index a18c5e3..9870f71 100644
--- a/programs/cmd/Da.rc
+++ b/programs/cmd/Da.rc
@@ -254,4 +254,5 @@ Skriv 
   WCMD_CONSTITLE,"Wine Command Prompt"
   WCMD_VERSION,"CMD Version %s\n\n"
   WCMD_MOREPROMPT, "Mere? "
+  WCMD_LINETOOLONG, "The input line is too long.\n"
 }
diff --git a/programs/cmd/De.rc b/programs/cmd/De.rc
index 933acc4..ab41d33 100644
--- a/programs/cmd/De.rc
+++ b/programs/cmd/De.rc
@@ -292,4 +292,5 @@ obigen Befehle erhalten.\n"
   WCMD_CONSTITLE,"Wine Befehlsprozessor"
   WCMD_VERSION,"CMD Version %s\n\n"
   WCMD_MOREPROMPT, "Mehr? "
+  WCMD_LINETOOLONG, "The input line is too long.\n"
 }
diff --git a/programs/cmd/En.rc b/programs/cmd/En.rc
index aa2147d..941d58f 100644
--- a/programs/cmd/En.rc
+++ b/programs/cmd/En.rc
@@ -272,4 +272,5 @@ Enter HELP <command> for further information on any of the above commands\n"
   WCMD_CONSTITLE,"Wine Command Prompt"
   WCMD_VERSION,"CMD Version %s\n\n"
   WCMD_MOREPROMPT, "More? "
+  WCMD_LINETOOLONG, "The input line is too long.\n"
 }
diff --git a/programs/cmd/Es.rc b/programs/cmd/Es.rc
index c807483..f27906a 100644
--- a/programs/cmd/Es.rc
+++ b/programs/cmd/Es.rc
@@ -289,4 +289,5 @@ Introduzca HELP <comando> para m
   WCMD_CONSTITLE,"Wine Command Prompt"
   WCMD_VERSION,"CMD Version %s\n\n"
   WCMD_MOREPROMPT, "More? "
+  WCMD_LINETOOLONG, "The input line is too long.\n"
 }
diff --git a/programs/cmd/Fr.rc b/programs/cmd/Fr.rc
index 4be49bc..7551c76 100644
--- a/programs/cmd/Fr.rc
+++ b/programs/cmd/Fr.rc
@@ -270,4 +270,5 @@ Entrez HELP <commande> pour plus d'informations sur les commandes ci-dessus\n"
   WCMD_CONSTITLE,"Invite de commande Wine"
   WCMD_VERSION,"CMD version %s\n\n"
   WCMD_MOREPROMPT, "Plus�? "
+  WCMD_LINETOOLONG, "The input line is too long.\n"
 }
diff --git a/programs/cmd/Ja.rc b/programs/cmd/Ja.rc
index aa7ef9e..20273ec 100644
--- a/programs/cmd/Ja.rc
+++ b/programs/cmd/Ja.rc
@@ -277,6 +277,7 @@ EXIT\t\tCMDを終了\n\n\
   WCMD_CONSTITLE,"Wine Command Prompt"
   WCMD_VERSION,"CMD Version %s\n\n"
   WCMD_MOREPROMPT, "More? "
+  WCMD_LINETOOLONG, "The input line is too long.\n"
 }
#pragma code_page(default)
diff --git a/programs/cmd/Ko.rc b/programs/cmd/Ko.rc
index c4a2961..ea29a0a 100644
--- a/programs/cmd/Ko.rc
+++ b/programs/cmd/Ko.rc
@@ -264,4 +264,5 @@ HELP <
   WCMD_CONSTITLE,"Wine ���� �Է´��"
   WCMD_VERSION,"CMD ���� %s\n\n"
   WCMD_MOREPROMPT, " ��? "
+  WCMD_LINETOOLONG, "The input line is too long.\n"
 }
diff --git a/programs/cmd/Nl.rc b/programs/cmd/Nl.rc
index b1b7e57..6863b00 100644
--- a/programs/cmd/Nl.rc
+++ b/programs/cmd/Nl.rc
@@ -272,4 +272,5 @@ type HELP <opdracht> voor meer informatie over bovengenoemde opdrachten\n"
   WCMD_CONSTITLE,"Wine Command Prompt"
   WCMD_VERSION,"CMD Versie %s\n\n"
   WCMD_MOREPROMPT, "Meer? "
+  WCMD_LINETOOLONG, "The input line is too long.\n"
 }
diff --git a/programs/cmd/No.rc b/programs/cmd/No.rc
index 394d28e..71a694b 100644
--- a/programs/cmd/No.rc
+++ b/programs/cmd/No.rc
@@ -270,4 +270,5 @@ Skriv 
   WCMD_CONSTITLE,"Wine Command Prompt"
   WCMD_VERSION,"CMD Version %s\n\n"
   WCMD_MOREPROMPT, "More? "
+  WCMD_LINETOOLONG, "The input line is too long.\n"
 }
diff --git a/programs/cmd/Pl.rc b/programs/cmd/Pl.rc
index 70ac982..7951843 100644
--- a/programs/cmd/Pl.rc
+++ b/programs/cmd/Pl.rc
@@ -267,4 +267,5 @@ Wpisz HELP <komenda> dla dok
   WCMD_CONSTITLE,"Wine Command Prompt"
   WCMD_VERSION,"CMD Version %s\n\n"
   WCMD_MOREPROMPT, "More? "
+  WCMD_LINETOOLONG, "The input line is too long.\n"
 }
diff --git a/programs/cmd/Pt.rc b/programs/cmd/Pt.rc
index dd8069f..65e0a6b 100644
--- a/programs/cmd/Pt.rc
+++ b/programs/cmd/Pt.rc
@@ -499,4 +499,5 @@ Digite HELP <comando> para mais informa
   WCMD_CONSTITLE,"Wine Command Prompt"
   WCMD_VERSION,"CMD Version %s\n\n"
   WCMD_MOREPROMPT, "More? "
+  WCMD_LINETOOLONG, "The input line is too long.\n"
 }
diff --git a/programs/cmd/Ru.rc b/programs/cmd/Ru.rc
index a97c190..5bd2a05 100644
--- a/programs/cmd/Ru.rc
+++ b/programs/cmd/Ru.rc
@@ -278,4 +278,5 @@ EXIT\t\t
   WCMD_CONSTITLE,"����������� ��������� ������ Wine"
   WCMD_VERSION,"������ CMD %s\n\n"
   WCMD_MOREPROMPT, "���? "
+  WCMD_LINETOOLONG, "The input line is too long.\n"
 }
diff --git a/programs/cmd/Si.rc b/programs/cmd/Si.rc
index 4bbfdce..9a18741 100644
--- a/programs/cmd/Si.rc
+++ b/programs/cmd/Si.rc
@@ -270,6 +270,7 @@ Uporabite HELP <ukaz> za več informacijo o kateremkoli od zgoraj navedenih ukaz
   WCMD_CONSTITLE,"Wine ukazni poziv"
   WCMD_VERSION,"CMD različica %s\n\n"
   WCMD_MOREPROMPT, "Več? "
+  WCMD_LINETOOLONG, "The input line is too long.\n"
 }
#pragma code_page(default)
diff --git a/programs/cmd/Tr.rc b/programs/cmd/Tr.rc
index 204fc17..656a583 100644
--- a/programs/cmd/Tr.rc
+++ b/programs/cmd/Tr.rc
@@ -274,4 +274,5 @@ Yukar
   WCMD_CONSTITLE,"Wine Command Prompt"
   WCMD_VERSION,"CMD Version %s\n\n"
   WCMD_MOREPROMPT, "More? "
+  WCMD_LINETOOLONG, "The input line is too long.\n"
 }
diff --git a/programs/cmd/wcmd.h b/programs/cmd/wcmd.h
index a31b011..67aab42 100644
--- a/programs/cmd/wcmd.h
+++ b/programs/cmd/wcmd.h
@@ -243,6 +243,7 @@ extern WCHAR version_string[];
 #define WCMD_CONSTITLE        1032
 #define WCMD_VERSION          1033
 #define WCMD_MOREPROMPT       1034
+#define WCMD_LINETOOLONG      1035
/* msdn specified max for Win XP */
 #define MAXSTRING 8192
diff --git a/programs/cmd/wcmdmain.c b/programs/cmd/wcmdmain.c
index 4bbd72e..f90ca8c 100644
--- a/programs/cmd/wcmdmain.c
+++ b/programs/cmd/wcmdmain.c
@@ -88,7 +88,7 @@ static const WCHAR equalsW[] = {'=','\0'};
 static const WCHAR closeBW[] = {')','\0'};
 WCHAR anykey[100];
 WCHAR version_string[100];
-WCHAR quals[MAX_PATH], param1[MAX_PATH], param2[MAX_PATH];
+WCHAR quals[MAX_PATH], param1[MAXSTRING], param2[MAXSTRING];
 BATCH_CONTEXT *context = NULL;
 extern struct env_stack *pushd_directories;
 static const WCHAR *pagedMessage = NULL;
@@ -972,7 +972,8 @@ void WCMD_run_program (WCHAR *command, int called) {
   WCHAR  temp[MAX_PATH];
   WCHAR  pathtosearch[MAXSTRING];
   WCHAR *pathposn;
-  WCHAR  stemofsearch[MAX_PATH];
+  WCHAR  stemofsearch[MAX_PATH];    /* maximum allowed executable name is
+                                       MAX_PATH, including null character */
   WCHAR *lastSlash;
   WCHAR  pathext[MAXSTRING];
   BOOL  extensionsupplied = FALSE;
@@ -998,6 +999,12 @@ void WCMD_run_program (WCHAR *command, int called) {
       strcpyW (pathtosearch, curDir);
     }
     if (strchrW(param1, '.') != NULL) extensionsupplied = TRUE;
+    if (strlenW(param1) >= MAX_PATH)
+    {
+        WCMD_output_asis(WCMD_LoadMessage(WCMD_LINETOOLONG));
+        return;
+    }
+
     strcpyW(stemofsearch, param1);
} else {
@@ -1584,22 +1591,17 @@ WCHAR *WCMD_LoadMessage(UINT id) {
  *	Dumps out the parsed command line to ensure syntax is correct
  */
 static void WCMD_DumpCommands(CMD_LIST *commands) {
-    WCHAR buffer[MAXSTRING];
     CMD_LIST *thisCmd = commands;
-    const WCHAR fmt[] = {'%','p',' ','%','d',' ','%','2','.','2','d',' ',
-                         '%','p',' ','%','s',' ','R','e','d','i','r',':',
-                         '%','s','\0'};
WINE_TRACE("Parsed line:\n");
     while (thisCmd != NULL) {
-      sprintfW(buffer, fmt,
+      WINE_TRACE("%p %d %2.2d %p %s Redir:%s\n",
                thisCmd,
                thisCmd->prevDelim,
                thisCmd->bracketDepth,
                thisCmd->nextcommand,
-               thisCmd->command,
-               thisCmd->redirects);
-      WINE_TRACE("%s\n", wine_dbgstr_w(buffer));
+               wine_dbgstr_w(thisCmd->command),
+               wine_dbgstr_w(thisCmd->redirects));
       thisCmd = thisCmd->nextcommand;
     }
 }

    