17 Sep
2022
17 Sep
'22
4:59 a.m.
https://git.reactos.org/?p=reactos.git;a=commitdiff;h=e5ebbc8afaf104eff2db2…
commit e5ebbc8afaf104eff2db274a73131e83e6bed4dc
Author: Katayama Hirofumi MZ <katayama.hirofumi.mz(a)gmail.com>
AuthorDate: Sat Sep 17 13:59:51 2022 +0900
Commit: GitHub <noreply(a)github.com>
CommitDate: Sat Sep 17 13:59:51 2022 +0900
[CPL] Boundary check of Control Panel applets (#4706)
- Check the boundary (i < NUM_APPLETS) of the variable i in CPlApplet functions.
- Use UINT type for the variable i.
---
dll/cpl/access/access.c | 16 +++++++++++++---
dll/cpl/desk/desk.c | 16 +++++++++++++---
dll/cpl/hotplug/hotplug.c | 14 ++++++++++++--
dll/cpl/input/input.c | 26 +++++++++++++++++---------
dll/cpl/intl/intl.c | 32 +++++++++++++++++++++-----------
dll/cpl/joy/joy.c | 26 +++++++++++++++++---------
dll/cpl/main/main.c | 35 +++++++++++++++++++++--------------
dll/cpl/mmsys/mmsys.c | 38 +++++++++++++++++++++-----------------
dll/cpl/powercfg/powercfg.c | 28 +++++++++++++++++-----------
dll/cpl/sysdm/sysdm.c | 17 +++++++++++++----
dll/cpl/timedate/timedate.c | 32 +++++++++++++++++++-------------
dll/cpl/usrmgr/usrmgr.c | 12 ++++++++++--
12 files changed, 194 insertions(+), 98 deletions(-)
diff --git a/dll/cpl/access/access.c b/dll/cpl/access/access.c
index d840adfe99e..82ebb52ac04 100644
--- a/dll/cpl/access/access.c
+++ b/dll/cpl/access/access.c
@@ -240,7 +240,7 @@ CPlApplet(HWND hwndCPl,
LPARAM lParam1,
LPARAM lParam2)
{
- INT i = (INT)lParam1;
+ UINT i = (UINT)lParam1;
switch (uMsg)
{
@@ -251,6 +251,7 @@ CPlApplet(HWND hwndCPl,
return NUM_APPLETS;
case CPL_INQUIRE:
+ if (i < NUM_APPLETS)
{
CPLINFO *CPlInfo = (CPLINFO*)lParam2;
CPlInfo->lData = 0;
@@ -258,14 +259,23 @@ CPlApplet(HWND hwndCPl,
CPlInfo->idName = Applets[i].idName;
CPlInfo->idInfo = Applets[i].idDescription;
}
+ else
+ {
+ return TRUE;
+ }
break;
case CPL_DBLCLK:
- Applets[i].AppletProc(hwndCPl, uMsg, lParam1, lParam2);
+ if (i < NUM_APPLETS)
+ Applets[i].AppletProc(hwndCPl, uMsg, lParam1, lParam2);
+ else
+ return TRUE;
break;
case CPL_STARTWPARMSW:
- return Applets[i].AppletProc(hwndCPl, uMsg, lParam1, lParam2);
+ if (i < NUM_APPLETS)
+ return Applets[i].AppletProc(hwndCPl, uMsg, lParam1, lParam2);
+ break;
}
return FALSE;
diff --git a/dll/cpl/desk/desk.c b/dll/cpl/desk/desk.c
index 213ec6c8ff9..a5df62885a2 100644
--- a/dll/cpl/desk/desk.c
+++ b/dll/cpl/desk/desk.c
@@ -252,7 +252,7 @@ cleanup:
LONG CALLBACK
CPlApplet(HWND hwndCPl, UINT uMsg, LPARAM lParam1, LPARAM lParam2)
{
- int i = (int)lParam1;
+ UINT i = (UINT)lParam1;
switch (uMsg)
{
@@ -263,6 +263,7 @@ CPlApplet(HWND hwndCPl, UINT uMsg, LPARAM lParam1, LPARAM lParam2)
return NUM_APPLETS;
case CPL_INQUIRE:
+ if (i < NUM_APPLETS)
{
CPLINFO *CPlInfo = (CPLINFO*)lParam2;
CPlInfo->lData = 0;
@@ -270,14 +271,23 @@ CPlApplet(HWND hwndCPl, UINT uMsg, LPARAM lParam1, LPARAM lParam2)
CPlInfo->idName = Applets[i].idName;
CPlInfo->idInfo = Applets[i].idDescription;
}
+ else
+ {
+ return TRUE;
+ }
break;
case CPL_DBLCLK:
- Applets[i].AppletProc(hwndCPl, uMsg, lParam1, lParam2);
+ if (i < NUM_APPLETS)
+ Applets[i].AppletProc(hwndCPl, uMsg, lParam1, lParam2);
+ else
+ return TRUE;
break;
case CPL_STARTWPARMSW:
- return Applets[i].AppletProc(hwndCPl, uMsg, lParam1, lParam2);
+ if (i < NUM_APPLETS)
+ return Applets[i].AppletProc(hwndCPl, uMsg, lParam1, lParam2);
+ break;
}
return FALSE;
diff --git a/dll/cpl/hotplug/hotplug.c b/dll/cpl/hotplug/hotplug.c
index da848bf2cbe..7f2930f26cc 100644
--- a/dll/cpl/hotplug/hotplug.c
+++ b/dll/cpl/hotplug/hotplug.c
@@ -548,6 +548,7 @@ CPlApplet(
return NUM_APPLETS;
case CPL_INQUIRE:
+ if (i < NUM_APPLETS)
{
CPLINFO *CPlInfo = (CPLINFO*)lParam2;
CPlInfo->lData = 0;
@@ -555,14 +556,23 @@ CPlApplet(
CPlInfo->idName = Applets[i].idName;
CPlInfo->idInfo = Applets[i].idDescription;
}
+ else
+ {
+ return TRUE;
+ }
break;
case CPL_DBLCLK:
- Applets[i].AppletProc(hwndCPl, uMsg, lParam1, lParam2);
+ if (i < NUM_APPLETS)
+ Applets[i].AppletProc(hwndCPl, uMsg, lParam1, lParam2);
+ else
+ return TRUE;
break;
case CPL_STARTWPARMSW:
- return Applets[i].AppletProc(hwndCPl, uMsg, lParam1, lParam2);
+ if (i < NUM_APPLETS)
+ return Applets[i].AppletProc(hwndCPl, uMsg, lParam1, lParam2);
+ break;
}
return FALSE;
}
diff --git a/dll/cpl/input/input.c b/dll/cpl/input/input.c
index d621f2f9cf7..cd8a0291cb5 100644
--- a/dll/cpl/input/input.c
+++ b/dll/cpl/input/input.c
@@ -87,9 +87,7 @@ LONG CALLBACK
CPlApplet(HWND hwndCPl, UINT uMsg, LPARAM lParam1, LPARAM lParam2)
{
CPLINFO *CPlInfo;
- int i;
-
- i = (int)lParam1;
+ UINT i = (UINT)lParam1;
switch (uMsg)
{
@@ -100,15 +98,25 @@ CPlApplet(HWND hwndCPl, UINT uMsg, LPARAM lParam1, LPARAM lParam2)
return NUM_APPLETS;
case CPL_INQUIRE:
- CPlInfo = (CPLINFO*)lParam2;
- CPlInfo->lData = 0;
- CPlInfo->idIcon = Applets[i].idIcon;
- CPlInfo->idName = Applets[i].idName;
- CPlInfo->idInfo = Applets[i].idDescription;
+ if (i < NUM_APPLETS)
+ {
+ CPlInfo = (CPLINFO*)lParam2;
+ CPlInfo->lData = 0;
+ CPlInfo->idIcon = Applets[i].idIcon;
+ CPlInfo->idName = Applets[i].idName;
+ CPlInfo->idInfo = Applets[i].idDescription;
+ }
+ else
+ {
+ return TRUE;
+ }
break;
case CPL_DBLCLK:
- Applets[i].AppletProc(hwndCPl, uMsg, lParam1, lParam2);
+ if (i < NUM_APPLETS)
+ Applets[i].AppletProc(hwndCPl, uMsg, lParam1, lParam2);
+ else
+ return TRUE;
break;
}
diff --git a/dll/cpl/intl/intl.c b/dll/cpl/intl/intl.c
index 054a8f1e674..bce915ce177 100644
--- a/dll/cpl/intl/intl.c
+++ b/dll/cpl/intl/intl.c
@@ -232,6 +232,8 @@ CPlApplet(HWND hwndCpl,
LPARAM lParam1,
LPARAM lParam2)
{
+ UINT i = (UINT)lParam1;
+
switch (uMsg)
{
case CPL_INIT:
@@ -241,23 +243,31 @@ CPlApplet(HWND hwndCpl,
return NUM_APPLETS;
case CPL_INQUIRE:
- {
- CPLINFO *CPlInfo = (CPLINFO*)lParam2;
- UINT uAppIndex = (UINT)lParam1;
-
- CPlInfo->lData = 0;
- CPlInfo->idIcon = Applets[uAppIndex].idIcon;
- CPlInfo->idName = Applets[uAppIndex].idName;
- CPlInfo->idInfo = Applets[uAppIndex].idDescription;
+ if (i < NUM_APPLETS)
+ {
+ CPLINFO *CPlInfo = (CPLINFO*)lParam2;
+ CPlInfo->lData = 0;
+ CPlInfo->idIcon = Applets[i].idIcon;
+ CPlInfo->idName = Applets[i].idName;
+ CPlInfo->idInfo = Applets[i].idDescription;
+ }
+ else
+ {
+ return TRUE;
+ }
break;
- }
case CPL_DBLCLK:
- Applets[(UINT)lParam1].AppletProc(hwndCpl, uMsg, lParam1, lParam2);
+ if (i < NUM_APPLETS)
+ Applets[i].AppletProc(hwndCpl, uMsg, lParam1, lParam2);
+ else
+ return TRUE;
break;
case CPL_STARTWPARMSW:
- return Applets[(UINT)lParam1].AppletProc(hwndCpl, uMsg, lParam1, lParam2);
+ if (i < NUM_APPLETS)
+ return Applets[i].AppletProc(hwndCpl, uMsg, lParam1, lParam2);
+ break;
}
return FALSE;
diff --git a/dll/cpl/joy/joy.c b/dll/cpl/joy/joy.c
index f58c874c9e6..057ec4c8534 100644
--- a/dll/cpl/joy/joy.c
+++ b/dll/cpl/joy/joy.c
@@ -319,11 +319,9 @@ LONG CALLBACK
CPlApplet(HWND hwndCPl, UINT uMsg, LPARAM lParam1, LPARAM lParam2)
{
CPLINFO *CPlInfo;
- DWORD i;
-
+ UINT i = (UINT)lParam1;
UNREFERENCED_PARAMETER(hwndCPl);
- i = (DWORD)lParam1;
switch (uMsg)
{
case CPL_INIT:
@@ -333,15 +331,25 @@ CPlApplet(HWND hwndCPl, UINT uMsg, LPARAM lParam1, LPARAM lParam2)
return NUM_APPLETS;
case CPL_INQUIRE:
- CPlInfo = (CPLINFO*)lParam2;
- CPlInfo->lData = 0;
- CPlInfo->idIcon = Applets[i].idIcon;
- CPlInfo->idName = Applets[i].idName;
- CPlInfo->idInfo = Applets[i].idDescription;
+ if (i < NUM_APPLETS)
+ {
+ CPlInfo = (CPLINFO*)lParam2;
+ CPlInfo->lData = 0;
+ CPlInfo->idIcon = Applets[i].idIcon;
+ CPlInfo->idName = Applets[i].idName;
+ CPlInfo->idInfo = Applets[i].idDescription;
+ }
+ else
+ {
+ return TRUE;
+ }
break;
case CPL_DBLCLK:
- Applets[i].AppletProc(hwndCPl, uMsg, lParam1, lParam2);
+ if (i < NUM_APPLETS)
+ Applets[i].AppletProc(hwndCPl, uMsg, lParam1, lParam2);
+ else
+ return TRUE;
break;
}
diff --git a/dll/cpl/main/main.c b/dll/cpl/main/main.c
index 6e1294b3bd0..70c432a2504 100644
--- a/dll/cpl/main/main.c
+++ b/dll/cpl/main/main.c
@@ -87,6 +87,8 @@ CPlApplet(HWND hwndCpl,
LPARAM lParam1,
LPARAM lParam2)
{
+ UINT i = (UINT)lParam1;
+
switch(uMsg)
{
case CPL_INIT:
@@ -96,26 +98,31 @@ CPlApplet(HWND hwndCpl,
return NUM_APPLETS;
case CPL_INQUIRE:
- {
- CPLINFO *CPlInfo = (CPLINFO*)lParam2;
- UINT uAppIndex = (UINT)lParam1;
-
- CPlInfo->lData = lParam1;
- CPlInfo->idIcon = Applets[uAppIndex].idIcon;
- CPlInfo->idName = Applets[uAppIndex].idName;
- CPlInfo->idInfo = Applets[uAppIndex].idDescription;
+ if (i < NUM_APPLETS)
+ {
+ CPLINFO *CPlInfo = (CPLINFO*)lParam2;
+ CPlInfo->lData = lParam1;
+ CPlInfo->idIcon = Applets[i].idIcon;
+ CPlInfo->idName = Applets[i].idName;
+ CPlInfo->idInfo = Applets[i].idDescription;
+ }
+ else
+ {
+ return TRUE;
+ }
break;
- }
case CPL_DBLCLK:
- {
- UINT uAppIndex = (UINT)lParam1;
- Applets[uAppIndex].AppletProc(hwndCpl, uMsg, lParam1, lParam2);
+ if (i < NUM_APPLETS)
+ Applets[i].AppletProc(hwndCpl, uMsg, lParam1, lParam2);
+ else
+ return TRUE;
break;
- }
case CPL_STARTWPARMSW:
- return Applets[(UINT)lParam1].AppletProc(hwndCpl, uMsg, lParam1, lParam2);
+ if (i < NUM_APPLETS)
+ return Applets[i].AppletProc(hwndCpl, uMsg, lParam1, lParam2);
+ break;
}
return FALSE;
diff --git a/dll/cpl/mmsys/mmsys.c b/dll/cpl/mmsys/mmsys.c
index 78bdc57078b..bde437eda15 100644
--- a/dll/cpl/mmsys/mmsys.c
+++ b/dll/cpl/mmsys/mmsys.c
@@ -745,6 +745,8 @@ CPlApplet(HWND hwndCpl,
LPARAM lParam1,
LPARAM lParam2)
{
+ UINT i = (UINT)lParam1;
+
switch (uMsg)
{
case CPL_INIT:
@@ -754,29 +756,31 @@ CPlApplet(HWND hwndCpl,
return NUM_APPLETS;
case CPL_INQUIRE:
- {
- CPLINFO *CPlInfo = (CPLINFO*)lParam2;
- UINT uAppIndex = (UINT)lParam1;
-
- CPlInfo->lData = 0;
- CPlInfo->idIcon = Applets[uAppIndex].idIcon;
- CPlInfo->idName = Applets[uAppIndex].idName;
- CPlInfo->idInfo = Applets[uAppIndex].idDescription;
+ if (i < NUM_APPLETS)
+ {
+ CPLINFO *CPlInfo = (CPLINFO*)lParam2;
+ CPlInfo->lData = 0;
+ CPlInfo->idIcon = Applets[i].idIcon;
+ CPlInfo->idName = Applets[i].idName;
+ CPlInfo->idInfo = Applets[i].idDescription;
+ }
+ else
+ {
+ return TRUE;
+ }
break;
- }
case CPL_DBLCLK:
- {
- UINT uAppIndex = (UINT)lParam1;
- Applets[uAppIndex].AppletProc(hwndCpl,
- uMsg,
- lParam1,
- lParam2);
+ if (i < NUM_APPLETS)
+ Applets[i].AppletProc(hwndCpl, uMsg, lParam1, lParam2);
+ else
+ return TRUE;
break;
- }
case CPL_STARTWPARMSW:
- return Applets[(UINT)lParam1].AppletProc(hwndCpl, uMsg, lParam1, lParam2);
+ if (i < NUM_APPLETS)
+ return Applets[i].AppletProc(hwndCpl, uMsg, lParam1, lParam2);
+ break;
}
return FALSE;
diff --git a/dll/cpl/powercfg/powercfg.c b/dll/cpl/powercfg/powercfg.c
index 4e5e1c17220..9fd813a35a7 100644
--- a/dll/cpl/powercfg/powercfg.c
+++ b/dll/cpl/powercfg/powercfg.c
@@ -155,7 +155,7 @@ CPlApplet(HWND hwndCPl,
LPARAM lParam1,
LPARAM lParam2)
{
- int i = (int)lParam1;
+ UINT i = (UINT)lParam1;
switch (uMsg)
{
@@ -170,20 +170,26 @@ CPlApplet(HWND hwndCPl,
}
case CPL_INQUIRE:
- {
- CPLINFO *CPlInfo = (CPLINFO*)lParam2;
- CPlInfo->lData = 0;
- CPlInfo->idIcon = Applets[i].idIcon;
- CPlInfo->idName = Applets[i].idName;
- CPlInfo->idInfo = Applets[i].idDescription;
+ if (i < NUM_APPLETS)
+ {
+ CPLINFO *CPlInfo = (CPLINFO*)lParam2;
+ CPlInfo->lData = 0;
+ CPlInfo->idIcon = Applets[i].idIcon;
+ CPlInfo->idName = Applets[i].idName;
+ CPlInfo->idInfo = Applets[i].idDescription;
+ }
+ else
+ {
+ return TRUE;
+ }
break;
- }
case CPL_DBLCLK:
- {
- Applets[i].AppletProc(hwndCPl, uMsg, lParam1, lParam2);
+ if (i < NUM_APPLETS)
+ Applets[i].AppletProc(hwndCPl, uMsg, lParam1, lParam2);
+ else
+ return TRUE;
break;
- }
}
return FALSE;
diff --git a/dll/cpl/sysdm/sysdm.c b/dll/cpl/sysdm/sysdm.c
index a93b02ceb1e..fbd7651a6f9 100644
--- a/dll/cpl/sysdm/sysdm.c
+++ b/dll/cpl/sysdm/sysdm.c
@@ -203,7 +203,7 @@ CPlApplet(HWND hwndCPl,
LPARAM lParam1,
LPARAM lParam2)
{
- INT i = (INT)lParam1;
+ UINT i = (UINT)lParam1;
UNREFERENCED_PARAMETER(hwndCPl);
@@ -216,6 +216,7 @@ CPlApplet(HWND hwndCPl,
return NUM_APPLETS;
case CPL_INQUIRE:
+ if (i < NUM_APPLETS)
{
CPLINFO *CPlInfo = (CPLINFO*)lParam2;
CPlInfo->lData = 0;
@@ -223,15 +224,23 @@ CPlApplet(HWND hwndCPl,
CPlInfo->idName = Applets[i].idName;
CPlInfo->idInfo = Applets[i].idDescription;
}
+ else
+ {
+ return TRUE;
+ }
break;
case CPL_DBLCLK:
- Applets[i].AppletProc(hwndCPl, uMsg, lParam1, lParam2);
+ if (i < NUM_APPLETS)
+ Applets[i].AppletProc(hwndCPl, uMsg, lParam1, lParam2);
+ else
+ return TRUE;
break;
case CPL_STARTWPARMSW:
- return Applets[i].AppletProc(hwndCPl, uMsg, lParam1, lParam2);
-
+ if (i < NUM_APPLETS)
+ return Applets[i].AppletProc(hwndCPl, uMsg, lParam1, lParam2);
+ break;
}
return FALSE;
diff --git a/dll/cpl/timedate/timedate.c b/dll/cpl/timedate/timedate.c
index 9e1baaa3eca..e3f03fdf7ca 100644
--- a/dll/cpl/timedate/timedate.c
+++ b/dll/cpl/timedate/timedate.c
@@ -131,7 +131,7 @@ CPlApplet(HWND hwndCpl,
LPARAM lParam1,
LPARAM lParam2)
{
- INT i = (INT)lParam1;
+ UINT i = (UINT)lParam1;
switch (uMsg)
{
@@ -142,20 +142,26 @@ CPlApplet(HWND hwndCpl,
return NUM_APPLETS;
case CPL_INQUIRE:
- {
- CPLINFO *CPlInfo = (CPLINFO*)lParam2;
- CPlInfo->lData = 0;
- CPlInfo->idIcon = Applets[i].idIcon;
- CPlInfo->idName = Applets[i].idName;
- CPlInfo->idInfo = Applets[i].idDescription;
- }
- break;
+ if (i < NUM_APPLETS)
+ {
+ CPLINFO *CPlInfo = (CPLINFO*)lParam2;
+ CPlInfo->lData = 0;
+ CPlInfo->idIcon = Applets[i].idIcon;
+ CPlInfo->idName = Applets[i].idName;
+ CPlInfo->idInfo = Applets[i].idDescription;
+ }
+ else
+ {
+ return TRUE;
+ }
+ break;
case CPL_DBLCLK:
- {
- Applets[i].AppletProc(hwndCpl, uMsg, lParam1, lParam2);
- }
- break;
+ if (i < NUM_APPLETS)
+ Applets[i].AppletProc(hwndCpl, uMsg, lParam1, lParam2);
+ else
+ return TRUE;
+ break;
}
return FALSE;
}
diff --git a/dll/cpl/usrmgr/usrmgr.c b/dll/cpl/usrmgr/usrmgr.c
index 7aea9731796..6c00abd666e 100644
--- a/dll/cpl/usrmgr/usrmgr.c
+++ b/dll/cpl/usrmgr/usrmgr.c
@@ -90,7 +90,7 @@ UsrmgrApplet(HWND hwnd, UINT uMsg, LPARAM wParam, LPARAM lParam)
LONG CALLBACK
CPlApplet(HWND hwndCPl, UINT uMsg, LPARAM lParam1, LPARAM lParam2)
{
- int i = (int)lParam1;
+ UINT i = (UINT)lParam1;
switch (uMsg)
{
@@ -101,6 +101,7 @@ CPlApplet(HWND hwndCPl, UINT uMsg, LPARAM lParam1, LPARAM lParam2)
return NUM_APPLETS;
case CPL_INQUIRE:
+ if (i < NUM_APPLETS)
{
CPLINFO *CPlInfo = (CPLINFO*)lParam2;
CPlInfo->lData = 0;
@@ -108,10 +109,17 @@ CPlApplet(HWND hwndCPl, UINT uMsg, LPARAM lParam1, LPARAM lParam2)
CPlInfo->idName = Applets[i].idName;
CPlInfo->idInfo = Applets[i].idDescription;
}
+ else
+ {
+ return TRUE;
+ }
break;
case CPL_DBLCLK:
- Applets[i].AppletProc(hwndCPl, uMsg, lParam1, lParam2);
+ if (i < NUM_APPLETS)
+ Applets[i].AppletProc(hwndCPl, uMsg, lParam1, lParam2);
+ else
+ return TRUE;
break;
}
787
days inactive
787
days old
0 comments
1 participants
participants (1)
-
Katayama Hirofumi MZ