Author: khornicek Date: Thu Feb 2 19:41:19 2017 New Revision: 73669 URL: http://svn.reactos.org/svn/reactos?rev=73669&view=rev Log: [SETUPAPI] - remove logically dead code in SetupDiGetClassImageIndex, CID 500046 - prevent null pointer dereference in SetupDiGetClassDevPropertySheetsA, CID 500676 - use strsafe functions in SETUP_CreateDevicesListFromEnumerator, CID 514263 - fix a check and adjust the logic in SetupDiLoadClassIcon to remove dead code and possible null pointer dereference CID 1250279, CID 1250287 Modified: trunk/reactos/dll/win32/setupapi/devclass.c Modified: trunk/reactos/dll/win32/setupapi/devclass.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/dll/win32/setupapi/devclas… ============================================================================== --- trunk/reactos/dll/win32/setupapi/devclass.c [iso-8859-1] (original) +++ trunk/reactos/dll/win32/setupapi/devclass.c [iso-8859-1] Thu Feb 2 19:41:19 2017 @@ -23,6 +23,7 @@ #include <wingdi.h> #include <shellapi.h> +#include <strsafe.h> /* Unicode constants */ static const WCHAR BackSlash[] = {'\\',0}; @@ -164,10 +165,16 @@ rc = RegOpenKeyExW(hEnumeratorKey, KeyBuffer, 0, KEY_ENUMERATE_SUB_KEYS, &hDeviceIdKey); if (rc != ERROR_SUCCESS) goto cleanup; - strcpyW(InstancePath, Enumerator); - strcatW(InstancePath, BackSlash); - strcatW(InstancePath, KeyBuffer); - strcatW(InstancePath, BackSlash); + + if (FAILED(StringCbCopyW(InstancePath, _countof(InstancePath), Enumerator)) || + FAILED(StringCbCatW(InstancePath, _countof(InstancePath), BackSlash)) || + FAILED(StringCbCatW(InstancePath, _countof(InstancePath), KeyBuffer)) || + FAILED(StringCbCatW(InstancePath, _countof(InstancePath), BackSlash))) + { + rc = ERROR_GEN_FAILURE; + goto cleanup; + } + pEndOfInstancePath = &InstancePath[strlenW(InstancePath)]; /* Enumerate instance IDs (subkeys of hDeviceIdKey) */ @@ -406,8 +413,6 @@ SetLastError(ERROR_INVALID_USER_BUFFER); else if (list->magic != SETUP_CLASS_IMAGE_LIST_MAGIC) SetLastError(ERROR_INVALID_USER_BUFFER); - else if (!ImageIndex) - SetLastError(ERROR_INVALID_PARAMETER); else { DWORD i; @@ -784,13 +789,9 @@ if (LargeIcon) { if(!SETUP_GetClassIconInfo(ClassGuid, &iconIndex, &DllName)) - return FALSE; - - if (DllName && ExtractIconExW(DllName, -iconIndex, &hIcon, NULL, 1) == 1 && hIcon != NULL) - { - ret = TRUE; - } - else + goto cleanup; + + if (!DllName || ExtractIconExW(DllName, -iconIndex, &hIcon, NULL, 1) != 1 || hIcon == NULL) { /* load the default unknown device icon if ExtractIcon failed */ if(DllName) @@ -798,16 +799,17 @@ hIcon = LoadImage(hInstance, MAKEINTRESOURCE(iconIndex), IMAGE_ICON, 32, 32, LR_DEFAULTCOLOR); - if(!LargeIcon) - goto cleanup; - } + if(!hIcon) + goto cleanup; + } + + *LargeIcon = hIcon; } if (MiniIconIndex) *MiniIconIndex = iconIndex; ret = TRUE; - *LargeIcon = hIcon; cleanup: @@ -1180,9 +1182,12 @@ PropertySheetHeader, PropertySheetHeaderPageListSize, RequiredSize, PropertySheetType); - psh.dwFlags = PropertySheetHeader->dwFlags; - psh.phpage = PropertySheetHeader->phpage; - psh.nPages = PropertySheetHeader->nPages; + if(PropertySheetHeader) + { + psh.dwFlags = PropertySheetHeader->dwFlags; + psh.phpage = PropertySheetHeader->phpage; + psh.nPages = PropertySheetHeader->nPages; + } ret = SetupDiGetClassDevPropertySheetsW(DeviceInfoSet, DeviceInfoData, PropertySheetHeader ? &psh : NULL, PropertySheetHeaderPageListSize, RequiredSize,