Hesham/wintun
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

api: refactor .inf parsing and check SystemTimeToFileTime for errors

Browse Source 
Signed-off-by: Simon Rozman <simon@rozman.si>
This commit is contained in:
Simon Rozman 2020-11-03 10:16:49 +01:00 committed by Jason A. Donenfeld
parent 77ff03f621
commit a73927ea6c
1 changed files with 31 additions and 29 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

60
api/adapter.c
View File

@ -998,7 +998,7 @@ VersionOfInf(_Out_ FILETIME *DriverDate, _Out_ DWORDLONG *DriverVersion)
SectUnknown, SectUnknown,
SectVersion SectVersion
} Section = SectNone; } Section = SectNone;
for (const CHAR *Inf = (const CHAR *)LockedResource, *InfEnd = Inf + SizeResource; Inf < InfEnd; ++Inf) for (const char *Inf = (const char *)LockedResource, *InfEnd = Inf + SizeResource; Inf < InfEnd; ++Inf)
{ {
if (*Inf == ';') if (*Inf == ';')
{ {
@ -1019,46 +1019,48 @@ VersionOfInf(_Out_ FILETIME *DriverDate, _Out_ DWORDLONG *DriverVersion)
{ {
Inf = SkipWSpace(Inf + 1, InfEnd); Inf = SkipWSpace(Inf + 1, InfEnd);
/* Duplicate buffer, as resource is not zero-terminated. */ /* Duplicate buffer, as resource is not zero-terminated. */
CHAR buf[0x100]; char Buffer[0x100];
size_t n = InfEnd - Inf; size_t BufferLen = InfEnd - Inf;
if (n >= _countof(buf)) if (BufferLen >= _countof(Buffer))
n = _countof(buf) - 1; BufferLen = _countof(Buffer) - 1;
strncpy_s(buf, _countof(buf), Inf, n); strncpy_s(Buffer, _countof(Buffer), Inf, BufferLen);
buf[n] = 0; Buffer[BufferLen] = 0;
const CHAR *p = buf; const char *Ptr = Buffer;
CHAR *p_next; unsigned long Date[3] = { 0 };
unsigned long date[3] = { 0 }; for (size_t i = 0;; ++i, ++Ptr)
for (size_t i = 0;; ++i, ++p)
{ {
date[i] = strtoul(p, &p_next, 10); char *PtrNext;
p = p_next; Date[i] = strtoul(Ptr, &PtrNext, 10);
if (i >= _countof(date) - 1) Ptr = PtrNext;
if (i >= _countof(Date) - 1)
break; break;
if (*p != '/' && *p != '-') if (*Ptr != '/' && *Ptr != '-')
return LOG(WINTUN_LOG_ERR, L"Unexpected date delimiter"), ERROR_INVALID_DATA; return LOG(WINTUN_LOG_ERR, L"Unexpected date delimiter"), ERROR_INVALID_DATA;
} }
if (date[0] < 1 || date[0] > 12 || date[1] < 1 || date[1] > 31 || date[2] < 1601 || date[2] > 30827) if (Date[0] < 1 || Date[0] > 12 || Date[1] < 1 || Date[1] > 31 || Date[2] < 1601 || Date[2] > 30827)
return LOG(WINTUN_LOG_ERR, L"Invalid date"), ERROR_INVALID_DATA; return LOG(WINTUN_LOG_ERR, L"Invalid date"), ERROR_INVALID_DATA;
const SYSTEMTIME st = { .wYear = (WORD)date[2], .wMonth = (WORD)date[0], .wDay = (WORD)date[1] }; const SYSTEMTIME SystemTime = { .wYear = (WORD)Date[2], .wMonth = (WORD)Date[0], .wDay = (WORD)Date[1] };
SystemTimeToFileTime(&st, DriverDate); if (!SystemTimeToFileTime(&SystemTime, DriverDate))
p = SkipWSpace(p, buf + n); return LOG_LAST_ERROR(L"Failed to convert system time to file time");
ULONGLONG version[4] = { 0 }; Ptr = SkipWSpace(Ptr, Buffer + BufferLen);
if (*p == ',') ULONGLONG Version[4] = { 0 };
if (*Ptr == ',')
{ {
p = SkipWSpace(p + 1, buf + n); Ptr = SkipWSpace(Ptr + 1, Buffer + BufferLen);
for (size_t i = 0;; ++i, ++p) for (size_t i = 0;; ++i, ++Ptr)
{ {
version[i] = strtoul(p, &p_next, 10); char *PtrNext;
if (version[i] > 0xffff) Version[i] = strtoul(Ptr, &PtrNext, 10);
if (Version[i] > 0xffff)
return LOG(WINTUN_LOG_ERR, L"Version field may not exceed 65535"), ERROR_INVALID_DATA; return LOG(WINTUN_LOG_ERR, L"Version field may not exceed 65535"), ERROR_INVALID_DATA;
p = p_next; Ptr = PtrNext;
if (i >= _countof(version) - 1 || !*p || *p == ';' || iswspace(*p)) if (i >= _countof(Version) - 1 || !*Ptr || *Ptr == ';' || iswspace(*Ptr))
break; break;
if (*p != '.') if (*Ptr != '.')
return LOG(WINTUN_LOG_ERR, L"Unexpected version delimiter"), ERROR_INVALID_DATA; return LOG(WINTUN_LOG_ERR, L"Unexpected version delimiter"), ERROR_INVALID_DATA;
} }
} }
*DriverVersion = (version[0] << 48) | (version[1] << 32) | (version[2] << 16) | (version[3] << 0); *DriverVersion = (Version[0] << 48) | (Version[1] << 32) | (Version[2] << 16) | (Version[3] << 0);
return ERROR_SUCCESS; return ERROR_SUCCESS;
} }
} }