From 8ea1a12ed6b14497423c4114a6fc95bbcc31a322 Mon Sep 17 00:00:00 2001 From: Diaa Sami Date: Mon, 2 Mar 2009 20:45:50 +0200 Subject: [PATCH] cmd: Fixed a number of buffer overflows. --- programs/cmd/Cs.rc | 1 + programs/cmd/Da.rc | 1 + programs/cmd/De.rc | 1 + programs/cmd/En.rc | 1 + programs/cmd/Es.rc | 1 + programs/cmd/Fr.rc | 1 + programs/cmd/Ja.rc | 1 + programs/cmd/Ko.rc | 1 + programs/cmd/Nl.rc | 1 + programs/cmd/No.rc | 1 + programs/cmd/Pl.rc | 1 + programs/cmd/Pt.rc | 1 + programs/cmd/Ru.rc | 1 + programs/cmd/Si.rc | 1 + programs/cmd/Tr.rc | 1 + programs/cmd/wcmd.h | 1 + programs/cmd/wcmdmain.c | 22 ++++++++++++---------- 17 files changed, 28 insertions(+), 10 deletions(-) diff --git a/programs/cmd/Cs.rc b/programs/cmd/Cs.rc index 4f6a3855d34..15ece453dcc 100644 --- a/programs/cmd/Cs.rc +++ b/programs/cmd/Cs.rc @@ -276,4 +276,5 @@ Zadejte HELP

for further information on any of the above commands\n" WCMD_CONSTITLE,"Wine Command Prompt" WCMD_VERSION,"CMD Version %s\n\n" WCMD_MOREPROMPT, "More? " + WCMD_LINETOOLONG, "The input line is too long.\n" } diff --git a/programs/cmd/Es.rc b/programs/cmd/Es.rc index c80748354dd..f27906a28e7 100644 --- a/programs/cmd/Es.rc +++ b/programs/cmd/Es.rc @@ -289,4 +289,5 @@ Introduzca HELP para m WCMD_CONSTITLE,"Wine Command Prompt" WCMD_VERSION,"CMD Version %s\n\n" WCMD_MOREPROMPT, "More? " + WCMD_LINETOOLONG, "The input line is too long.\n" } diff --git a/programs/cmd/Fr.rc b/programs/cmd/Fr.rc index 4be49bccfd9..7551c766dc8 100644 --- a/programs/cmd/Fr.rc +++ b/programs/cmd/Fr.rc @@ -270,4 +270,5 @@ Entrez HELP pour plus d'informations sur les commandes ci-dessus\n" WCMD_CONSTITLE,"Invite de commande Wine" WCMD_VERSION,"CMD version %s\n\n" WCMD_MOREPROMPT, "Plus? " + WCMD_LINETOOLONG, "The input line is too long.\n" } diff --git a/programs/cmd/Ja.rc b/programs/cmd/Ja.rc index aa7ef9e787e..20273ec9a95 100644 --- a/programs/cmd/Ja.rc +++ b/programs/cmd/Ja.rc @@ -277,6 +277,7 @@ EXIT\t\tCMDを終了\n\n\ WCMD_CONSTITLE,"Wine Command Prompt" WCMD_VERSION,"CMD Version %s\n\n" WCMD_MOREPROMPT, "More? " + WCMD_LINETOOLONG, "The input line is too long.\n" } #pragma code_page(default) diff --git a/programs/cmd/Ko.rc b/programs/cmd/Ko.rc index c4a29618c2f..ea29a0a89ab 100644 --- a/programs/cmd/Ko.rc +++ b/programs/cmd/Ko.rc @@ -264,4 +264,5 @@ HELP < WCMD_CONSTITLE,"Wine Է´" WCMD_VERSION,"CMD %s\n\n" WCMD_MOREPROMPT, " ? " + WCMD_LINETOOLONG, "The input line is too long.\n" } diff --git a/programs/cmd/Nl.rc b/programs/cmd/Nl.rc index b1b7e5705b0..6863b00969b 100644 --- a/programs/cmd/Nl.rc +++ b/programs/cmd/Nl.rc @@ -272,4 +272,5 @@ type HELP voor meer informatie over bovengenoemde opdrachten\n" WCMD_CONSTITLE,"Wine Command Prompt" WCMD_VERSION,"CMD Versie %s\n\n" WCMD_MOREPROMPT, "Meer? " + WCMD_LINETOOLONG, "The input line is too long.\n" } diff --git a/programs/cmd/No.rc b/programs/cmd/No.rc index 394d28e201c..71a694b9af5 100644 --- a/programs/cmd/No.rc +++ b/programs/cmd/No.rc @@ -270,4 +270,5 @@ Skriv WCMD_CONSTITLE,"Wine Command Prompt" WCMD_VERSION,"CMD Version %s\n\n" WCMD_MOREPROMPT, "More? " + WCMD_LINETOOLONG, "The input line is too long.\n" } diff --git a/programs/cmd/Pl.rc b/programs/cmd/Pl.rc index 70ac98245c2..7951843c3b2 100644 --- a/programs/cmd/Pl.rc +++ b/programs/cmd/Pl.rc @@ -267,4 +267,5 @@ Wpisz HELP dla dok WCMD_CONSTITLE,"Wine Command Prompt" WCMD_VERSION,"CMD Version %s\n\n" WCMD_MOREPROMPT, "More? " + WCMD_LINETOOLONG, "The input line is too long.\n" } diff --git a/programs/cmd/Pt.rc b/programs/cmd/Pt.rc index dd8069fd678..65e0a6b8833 100644 --- a/programs/cmd/Pt.rc +++ b/programs/cmd/Pt.rc @@ -499,4 +499,5 @@ Digite HELP para mais informa WCMD_CONSTITLE,"Wine Command Prompt" WCMD_VERSION,"CMD Version %s\n\n" WCMD_MOREPROMPT, "More? " + WCMD_LINETOOLONG, "The input line is too long.\n" } diff --git a/programs/cmd/Ru.rc b/programs/cmd/Ru.rc index a97c190d0ff..5bd2a05098a 100644 --- a/programs/cmd/Ru.rc +++ b/programs/cmd/Ru.rc @@ -278,4 +278,5 @@ EXIT\t\t WCMD_CONSTITLE," Wine" WCMD_VERSION," CMD %s\n\n" WCMD_MOREPROMPT, "? " + WCMD_LINETOOLONG, "The input line is too long.\n" } diff --git a/programs/cmd/Si.rc b/programs/cmd/Si.rc index 4bbfdce3df4..9a18741367c 100644 --- a/programs/cmd/Si.rc +++ b/programs/cmd/Si.rc @@ -270,6 +270,7 @@ Uporabite HELP za več informacijo o kateremkoli od zgoraj navedenih ukaz WCMD_CONSTITLE,"Wine ukazni poziv" WCMD_VERSION,"CMD različica %s\n\n" WCMD_MOREPROMPT, "Več? " + WCMD_LINETOOLONG, "The input line is too long.\n" } #pragma code_page(default) diff --git a/programs/cmd/Tr.rc b/programs/cmd/Tr.rc index 204fc17ee5a..656a5831685 100644 --- a/programs/cmd/Tr.rc +++ b/programs/cmd/Tr.rc @@ -274,4 +274,5 @@ Yukar WCMD_CONSTITLE,"Wine Command Prompt" WCMD_VERSION,"CMD Version %s\n\n" WCMD_MOREPROMPT, "More? " + WCMD_LINETOOLONG, "The input line is too long.\n" } diff --git a/programs/cmd/wcmd.h b/programs/cmd/wcmd.h index a31b0113475..67aab421efc 100644 --- a/programs/cmd/wcmd.h +++ b/programs/cmd/wcmd.h @@ -243,6 +243,7 @@ extern WCHAR version_string[]; #define WCMD_CONSTITLE 1032 #define WCMD_VERSION 1033 #define WCMD_MOREPROMPT 1034 +#define WCMD_LINETOOLONG 1035 /* msdn specified max for Win XP */ #define MAXSTRING 8192 diff --git a/programs/cmd/wcmdmain.c b/programs/cmd/wcmdmain.c index 4bbd72e3f3a..f90ca8c8a2f 100644 --- a/programs/cmd/wcmdmain.c +++ b/programs/cmd/wcmdmain.c @@ -88,7 +88,7 @@ static const WCHAR equalsW[] = {'=','\0'}; static const WCHAR closeBW[] = {')','\0'}; WCHAR anykey[100]; WCHAR version_string[100]; -WCHAR quals[MAX_PATH], param1[MAX_PATH], param2[MAX_PATH]; +WCHAR quals[MAX_PATH], param1[MAXSTRING], param2[MAXSTRING]; BATCH_CONTEXT *context = NULL; extern struct env_stack *pushd_directories; static const WCHAR *pagedMessage = NULL; @@ -972,7 +972,8 @@ void WCMD_run_program (WCHAR *command, int called) { WCHAR temp[MAX_PATH]; WCHAR pathtosearch[MAXSTRING]; WCHAR *pathposn; - WCHAR stemofsearch[MAX_PATH]; + WCHAR stemofsearch[MAX_PATH]; /* maximum allowed executable name is + MAX_PATH, including null character */ WCHAR *lastSlash; WCHAR pathext[MAXSTRING]; BOOL extensionsupplied = FALSE; @@ -998,6 +999,12 @@ void WCMD_run_program (WCHAR *command, int called) { strcpyW (pathtosearch, curDir); } if (strchrW(param1, '.') != NULL) extensionsupplied = TRUE; + if (strlenW(param1) >= MAX_PATH) + { + WCMD_output_asis(WCMD_LoadMessage(WCMD_LINETOOLONG)); + return; + } + strcpyW(stemofsearch, param1); } else { @@ -1584,22 +1591,17 @@ WCHAR *WCMD_LoadMessage(UINT id) { * Dumps out the parsed command line to ensure syntax is correct */ static void WCMD_DumpCommands(CMD_LIST *commands) { - WCHAR buffer[MAXSTRING]; CMD_LIST *thisCmd = commands; - const WCHAR fmt[] = {'%','p',' ','%','d',' ','%','2','.','2','d',' ', - '%','p',' ','%','s',' ','R','e','d','i','r',':', - '%','s','\0'}; WINE_TRACE("Parsed line:\n"); while (thisCmd != NULL) { - sprintfW(buffer, fmt, + WINE_TRACE("%p %d %2.2d %p %s Redir:%s\n", thisCmd, thisCmd->prevDelim, thisCmd->bracketDepth, thisCmd->nextcommand, - thisCmd->command, - thisCmd->redirects); - WINE_TRACE("%s\n", wine_dbgstr_w(buffer)); + wine_dbgstr_w(thisCmd->command), + wine_dbgstr_w(thisCmd->redirects)); thisCmd = thisCmd->nextcommand; } }