From 43ae5e54413c1e848d3ac5d06990fd8a236a4391 Mon Sep 17 00:00:00 2001 From: Ken Belleau Date: Tue, 25 Jan 2005 20:08:46 +0000 Subject: [PATCH] - Used wine_dbgstr_a to prevent an overflow. - Improved support to call macros with a variable number of parameters. - Put a check to prevent an out of bounds access. --- programs/winhelp/hlp2sgml.c | 5 +++++ programs/winhelp/hlpfile.c | 2 +- programs/winhelp/macro.lex.l | 24 +++++++++++++++--------- programs/winhelp/winhelp.c | 2 +- 4 files changed, 22 insertions(+), 11 deletions(-) diff --git a/programs/winhelp/hlp2sgml.c b/programs/winhelp/hlp2sgml.c index e353c6c8f1e..c0660fc723a 100644 --- a/programs/winhelp/hlp2sgml.c +++ b/programs/winhelp/hlp2sgml.c @@ -323,6 +323,11 @@ int wine_dbg_log( int cls, const char *channel, const char *func, const char *fo return 1; } +const char *wine_dbgstr_a( const char *s ) +{ + return NULL; +} + HBITMAP WINAPI CreateDIBitmap(HDC hdc, CONST BITMAPINFOHEADER* bih, DWORD a, CONST void* ptr, CONST BITMAPINFO* bi, UINT c) { return 0; diff --git a/programs/winhelp/hlpfile.c b/programs/winhelp/hlpfile.c index 3a969620557..4810085282d 100644 --- a/programs/winhelp/hlpfile.c +++ b/programs/winhelp/hlpfile.c @@ -915,7 +915,7 @@ static BOOL HLPFILE_AddParagraph(HLPFILE *hlpfile, BYTE *buf, BYTE *end, unsigne while (text < text_end && format < format_end) { - WINE_TRACE("Got text: '%s' (%p/%p - %p/%p)\n", text, text, text_end, format, format_end); + WINE_TRACE("Got text: '%s' (%p/%p - %p/%p)\n", wine_dbgstr_a(text), text, text_end, format, format_end); textsize = strlen(text) + 1; if (textsize > 1) { diff --git a/programs/winhelp/macro.lex.l b/programs/winhelp/macro.lex.l index 0b85245fe0d..c35c5a64bce 100644 --- a/programs/winhelp/macro.lex.l +++ b/programs/winhelp/macro.lex.l @@ -144,7 +144,7 @@ static int MACRO_CallBoolFunc(FARPROC fn, const char* args, void** ret); static int MACRO_CheckArgs(void* pa[], unsigned max, const char* args) { int t; - int idx = 0; + int len = 0, idx = 0; WINE_TRACE("Checking %s\n", args); @@ -152,6 +152,7 @@ static int MACRO_CheckArgs(void* pa[], unsigned max, const char* args) if (*args) { + len = strlen(args); for (;;) { t = yylex(); @@ -182,11 +183,16 @@ static int MACRO_CheckArgs(void* pa[], unsigned max, const char* args) } idx++; if (*++args == '\0') break; - if (yylex() != ',') {WINE_WARN("missing ,\n");return -1;} - if (idx == max) {WINE_FIXME("stack overflow (%d)\n", max);return -1;} + t = yylex(); + if (t == ')') goto CheckArgs_end; + if (t != ',') {WINE_WARN("missing ,\n");return -1;} + if (idx >= max) {WINE_FIXME("stack overflow (%d)\n", max);return -1;} } } if (yylex() != ')') {WINE_WARN("missing )\n");return -1;} + +CheckArgs_end: + while (len > idx) pa[--len] = NULL; return idx; } @@ -201,12 +207,12 @@ static int MACRO_CallBoolFunc(FARPROC fn, const char* args, void** ret) void* pa[2]; int idx = MACRO_CheckArgs(pa, sizeof(pa)/sizeof(pa[0]), args); - if (idx == -1) return 0; - if (!fn) return 1; + if (idx < 0) return 0; + if (!fn) return 1; WINE_TRACE("calling with %u pmts\n", idx); - switch (idx) + switch (strlen(args)) { case 0: *ret = (void*)(fn)(); break; case 1: *ret = (void*)(fn)(pa[0]); break; @@ -226,12 +232,12 @@ static int MACRO_CallVoidFunc(FARPROC fn, const char* args) void* pa[6]; int idx = MACRO_CheckArgs(pa, sizeof(pa)/sizeof(pa[0]), args); - if (idx == -1) return 0; - if (!fn) return 1; + if (idx < 0) return 0; + if (!fn) return 1; WINE_TRACE("calling %p with %u pmts\n", fn, idx); - switch (idx) + switch (strlen(args)) { case 0: (fn)(); break; case 1: (fn)(pa[0]); break; diff --git a/programs/winhelp/winhelp.c b/programs/winhelp/winhelp.c index 9f06bc9f09e..930ab0950c5 100644 --- a/programs/winhelp/winhelp.c +++ b/programs/winhelp/winhelp.c @@ -1089,7 +1089,7 @@ static LRESULT CALLBACK WINHELP_TextWndProc(HWND hWnd, UINT msg, WPARAM wParam, hlpfile = WINHELP_LookupHelpFile(part->link->lpszString); if (part->link->window == -1) wi = win->info; - else if (part->link->window < hlpfile->numWindows) + else if ((part->link->window >= 0) && (part->link->window < hlpfile->numWindows)) wi = &hlpfile->windows[part->link->window]; else { -- 2.11.4.GIT