Author: hbelusca
Date: Sat Sep 30 22:12:21 2017
New Revision: 76010
URL:
http://svn.reactos.org/svn/reactos?rev=76010&view=rev
Log:
[CMD]: Improve ExecuteAutoRunFile() with validity checks.
Modified:
trunk/reactos/base/shell/cmd/cmd.c
Modified: trunk/reactos/base/shell/cmd/cmd.c
URL:
http://svn.reactos.org/svn/reactos/trunk/reactos/base/shell/cmd/cmd.c?rev=7…
==============================================================================
--- trunk/reactos/base/shell/cmd/cmd.c [iso-8859-1] (original)
+++ trunk/reactos/base/shell/cmd/cmd.c [iso-8859-1] Sat Sep 30 22:12:21 2017
@@ -1538,12 +1538,12 @@
{
LONG lRet;
HKEY hKey;
+ DWORD dwType, len;
/*
* Buffer big enough to hold the string L"4294967295",
* corresponding to the literal 0xFFFFFFFF (MAX_ULONG) in decimal.
*/
DWORD Buffer[6];
- DWORD dwType, len;
lRet = RegOpenKeyEx(hKeyRoot,
_T("Software\\Microsoft\\Command Processor"),
@@ -1685,28 +1685,33 @@
static VOID
ExecuteAutoRunFile(HKEY hKeyRoot)
{
- TCHAR autorun[2048];
- DWORD len = sizeof autorun;
- HKEY hkey;
-
- if (RegOpenKeyEx(hKeyRoot,
- _T("SOFTWARE\\Microsoft\\Command Processor"),
- 0,
- KEY_READ,
- &hkey) == ERROR_SUCCESS)
- {
- if (RegQueryValueEx(hkey,
+ LONG lRet;
+ HKEY hKey;
+ DWORD dwType, len;
+ TCHAR AutoRun[2048];
+
+ lRet = RegOpenKeyEx(hKeyRoot,
+ _T("Software\\Microsoft\\Command Processor"),
+ 0,
+ KEY_QUERY_VALUE,
+ &hKey);
+ if (lRet != ERROR_SUCCESS)
+ return;
+
+ len = sizeof(AutoRun);
+ lRet = RegQueryValueEx(hKey,
_T("AutoRun"),
- 0,
- 0,
- (LPBYTE)autorun,
- &len) == ERROR_SUCCESS)
- {
- if (*autorun)
- ParseCommandLine(autorun);
- }
- RegCloseKey(hkey);
- }
+ NULL,
+ &dwType,
+ (LPBYTE)&AutoRun,
+ &len);
+ if ((lRet == ERROR_SUCCESS) && (dwType == REG_EXPAND_SZ || dwType ==
REG_SZ))
+ {
+ if (*AutoRun)
+ ParseCommandLine(AutoRun);
+ }
+
+ RegCloseKey(hKey);
}
/* Get the command that comes after a /C or /K switch */
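Review bot: The string passed to `ParseCommandLine(AutoRun)` is still not guaranteed to be NUL-terminated, because `RegQueryValueEx` returns the data exactly as it was stored and the new `dwType` check does not cover that. A value written without a terminator that fills the buffer would be read past the end of `AutoRun`, and a zero-length value leaves the uninitialised array untouched before `*AutoRun` is tested. Reserve room and terminate explicitly: `len = sizeof(AutoRun) - sizeof(TCHAR);` before the query, and `AutoRun[len / sizeof(TCHAR)] = _T('\0');` as the first statement of the success branch. Separately, `REG_EXPAND_SZ` is accepted but nothing visible in this hunk expands environment references; if `ParseCommandLine` does not do that itself, a comment should say so. The registry data should be treated as untrusted input, since it runs at shell start and `hKeyRoot` may be a hive the user can write.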