Skip to content
Projects
Groups
Snippets
Help
This project
Loading...
Sign in / Register
Toggle navigation
W
wine-winehq
Project
Project
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Registry
Registry
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
wine
wine-winehq
Commits
7a200887
Commit
7a200887
authored
Aug 10, 2016
by
Sebastian Lackner
Committed by
Alexandre Julliard
Aug 10, 2016
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
advapi32: Validate received service name.
Signed-off-by:
Sebastian Lackner
<
sebastian@fds-team.de
>
Signed-off-by:
Alexandre Julliard
<
julliard@winehq.org
>
parent
5f2b96b8
Hide whitespace changes
Inline
Side-by-side
Showing
1 changed file
with
18 additions
and
9 deletions
+18
-9
service.c
dlls/advapi32/service.c
+18
-9
No files found.
dlls/advapi32/service.c
View file @
7a200887
...
@@ -424,7 +424,8 @@ static DWORD WINAPI service_control_dispatcher(LPVOID arg)
...
@@ -424,7 +424,8 @@ static DWORD WINAPI service_control_dispatcher(LPVOID arg)
{
{
service_data
*
service
;
service_data
*
service
;
service_start_info
info
;
service_start_info
info
;
WCHAR
*
data
=
NULL
;
BYTE
*
data
=
NULL
;
WCHAR
*
name
;
BOOL
r
;
BOOL
r
;
DWORD
data_size
=
0
,
count
,
result
;
DWORD
data_size
=
0
,
count
,
result
;
...
@@ -460,16 +461,24 @@ static DWORD WINAPI service_control_dispatcher(LPVOID arg)
...
@@ -460,16 +461,24 @@ static DWORD WINAPI service_control_dispatcher(LPVOID arg)
}
}
}
}
/* find the service */
/* validate service name */
name
=
(
WCHAR
*
)
data
;
if
(
!
info
.
name_size
||
data_size
<
info
.
name_size
*
sizeof
(
WCHAR
)
||
name
[
info
.
name_size
-
1
])
{
ERR
(
"got request without valid service name
\n
"
);
result
=
ERROR_INVALID_PARAMETER
;
goto
done
;
}
if
(
!
(
service
=
find_service_by_name
(
data
)))
/* find the service */
if
(
!
(
service
=
find_service_by_name
(
name
)))
{
{
FIXME
(
"got request %u for unknown service %s
\n
"
,
info
.
cmd
,
debugstr_w
(
data
));
FIXME
(
"got request %u for unknown service %s
\n
"
,
info
.
cmd
,
debugstr_w
(
name
));
result
=
ERROR_INVALID_PARAMETER
;
result
=
ERROR_INVALID_PARAMETER
;
goto
done
;
goto
done
;
}
}
TRACE
(
"got request %u for service %s
\n
"
,
info
.
cmd
,
debugstr_w
(
data
)
);
TRACE
(
"got request %u for service %s
\n
"
,
info
.
cmd
,
debugstr_w
(
name
)
);
/* handle the request */
/* handle the request */
switch
(
info
.
cmd
)
switch
(
info
.
cmd
)
...
@@ -477,12 +486,12 @@ static DWORD WINAPI service_control_dispatcher(LPVOID arg)
...
@@ -477,12 +486,12 @@ static DWORD WINAPI service_control_dispatcher(LPVOID arg)
case
WINESERV_STARTINFO
:
case
WINESERV_STARTINFO
:
if
(
!
service
->
handle
)
if
(
!
service
->
handle
)
{
{
if
(
!
(
service
->
handle
=
OpenServiceW
(
disp
->
manager
,
data
,
SERVICE_SET_STATUS
))
||
if
(
!
(
service
->
handle
=
OpenServiceW
(
disp
->
manager
,
name
,
SERVICE_SET_STATUS
))
||
!
(
service
->
full_access_handle
=
OpenServiceW
(
disp
->
manager
,
data
,
!
(
service
->
full_access_handle
=
OpenServiceW
(
disp
->
manager
,
name
,
GENERIC_READ
|
GENERIC_WRITE
)))
GENERIC_READ
|
GENERIC_WRITE
)))
FIXME
(
"failed to open service %s
\n
"
,
debugstr_w
(
data
)
);
FIXME
(
"failed to open service %s
\n
"
,
debugstr_w
(
name
)
);
}
}
result
=
service_handle_start
(
service
,
data
,
data_size
/
sizeof
(
WCHAR
));
result
=
service_handle_start
(
service
,
(
WCHAR
*
)
data
,
data_size
/
sizeof
(
WCHAR
));
break
;
break
;
case
WINESERV_SENDCONTROL
:
case
WINESERV_SENDCONTROL
:
result
=
service_handle_control
(
service
,
info
.
control
);
result
=
service_handle_control
(
service
,
info
.
control
);
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment