[pschweitzer] 65788: [WHOAMI] Fix invalid memory usage, memory leaks, partial zeroes, big if blocks, ... Would be nice also to check all the allocations which are not checked yet CORE-8533 - Ros-diffs

22 Dec 2014

Author: pschweitzer
Date: Mon Dec 22 09:53:24 2014
New Revision: 65788
URL: http://svn.reactos.org/svn/reactos?rev=65788&view=rev
Log:
[WHOAMI]
Fix invalid memory usage, memory leaks, partial zeroes, big if blocks, ...
Would be nice also to check all the allocations which are not checked yet
CORE-8533
Modified:
    trunk/reactos/base/applications/cmdutils/whoami/whoami.c
Modified: trunk/reactos/base/applications/cmdutils/whoami/whoami.c
URL: http://svn.reactos.org/svn/reactos/trunk/reactos/base/applications/cmdutils/...
==============================================================================

--- trunk/reactos/base/applications/cmdutils/whoami/whoami.c	[iso-8859-1] (original)
+++ trunk/reactos/base/applications/cmdutils/whoami/whoami.c	[iso-8859-1] Mon Dec 22 09:53:24 2014
@@ -33,7 +33,7 @@
     int i;
if (!arg)
-        goto BailOut;
+        return FALSE;
for (i = 1; i < argc; i++)
     {
@@ -41,7 +41,6 @@
             return TRUE;
     }
-    BailOut:
     return FALSE;
 }
@@ -58,12 +57,16 @@
     LPWSTR UsrBuf = HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, MAX_PATH);
     ULONG UsrSiz = MAX_PATH;
-    if (UsrBuf && GetUserNameExW(NameFormat, UsrBuf, &UsrSiz))
+    if (UsrBuf == NULL)
+        return NULL;
+
+    if (GetUserNameExW(NameFormat, UsrBuf, &UsrSiz))
     {
         CharLowerW(UsrBuf);
         return UsrBuf;
     }
+    HeapFree(GetProcessHeap(), 0, UsrBuf);
     return NULL;
 }
@@ -103,6 +106,7 @@
                                  &dwLength))
         {
             wprintf(L"ERROR 0x%x: could not get token information.\r\n", GetLastError());
+            WhoamiFree(pTokenInfo);
             exit(1);
         }
@@ -370,35 +374,33 @@
     LPWSTR pSidStr = 0;
     PSID pSid = 0;
-    if (pGroupInfo)
-    {
-        /* lets see if we can find the logon SID in that list, should be there */
-        for (dwIndex = 0; dwIndex < pGroupInfo->GroupCount; dwIndex++)
-        {
-            if ((pGroupInfo->Groups[dwIndex].Attributes & SE_GROUP_LOGON_ID) == SE_GROUP_LOGON_ID)
-            {
-                pSid = pGroupInfo->Groups[dwIndex].Sid;
-            }
-        }
-
-        if (!pSid || !ConvertSidToStringSidW(pSid, &pSidStr))
-        {
-            wprintf(L"ERROR: Couldn't convert the logon SID to a string.\n");
-            return 1;
-        }
-        else
-        {
-            /* let's show our converted logon SID */
-            wprintf(L"%s\n", pSidStr);
-        }
+    if (pGroupInfo == NULL)
+        return 0;
+
+    /* lets see if we can find the logon SID in that list, should be there */
+    for (dwIndex = 0; dwIndex < pGroupInfo->GroupCount; dwIndex++)
+    {
+        if ((pGroupInfo->Groups[dwIndex].Attributes & SE_GROUP_LOGON_ID) == SE_GROUP_LOGON_ID)
+        {
+            pSid = pGroupInfo->Groups[dwIndex].Sid;
+        }
+    }
+
+    if (pSid == 0 || !ConvertSidToStringSidW(pSid, &pSidStr))
+    {
+        WhoamiFree(pGroupInfo);
+        wprintf(L"ERROR: Couldn't convert the logon SID to a string.\n");
+        return 1;
+    }
+    else
+    {
+        /* let's show our converted logon SID */
+        wprintf(L"%s\n", pSidStr);
     }
/* cleanup our allocations */
-    if (pSidStr)
-        LocalFree(pSidStr);
-
-    if (pGroupInfo)
-        WhoamiFree(pGroupInfo);
+    LocalFree(pSidStr);
+    WhoamiFree(pGroupInfo);
return 0;
 }
@@ -406,41 +408,42 @@
 int WhoamiUser(void)
 {
     PTOKEN_USER pUserInfo = (PTOKEN_USER) WhoamiGetTokenInfo(TokenUser);
-    LPWSTR pUserStr = WhoamiGetUser(NameSamCompatible);
+    LPWSTR pUserStr = NULL;
     LPWSTR pSidStr = NULL;
-
-    if (pUserInfo && pUserStr)
-    {
-        WhoamiTable *UserTable = WhoamiAllocTable(2, 2);
-
-        WhoamiPrintHeader(IDS_USER_HEADER);
-
-        /* set the column labels */
-        WhoamiSetTable(UserTable, WhoamiLoadRcString(IDS_COL_USER_NAME), 0, 0);
-        WhoamiSetTable(UserTable, WhoamiLoadRcString(IDS_COL_SID), 0, 1);
-
-        ConvertSidToStringSidW(pUserInfo->User.Sid, &pSidStr);
-
-        /* set the values for our single row of data */
-        WhoamiSetTable(UserTable, pUserStr, 1, 0);
-        WhoamiSetTable(UserTable, pSidStr, 1, 1);
-
-        WhoamiPrintTable(UserTable);
-    }
-    else
+    WhoamiTable *UserTable = NULL;
+
+    if (pUserInfo == NULL)
     {
         return 1;
     }
+    pUserStr = WhoamiGetUser(NameSamCompatible);
+    if (pUserStr == NULL)
+    {
+        WhoamiFree(pUserInfo);
+        return 1;
+    }
+
+    UserTable = WhoamiAllocTable(2, 2);
+
+    WhoamiPrintHeader(IDS_USER_HEADER);
+
+    /* set the column labels */
+    WhoamiSetTable(UserTable, WhoamiLoadRcString(IDS_COL_USER_NAME), 0, 0);
+    WhoamiSetTable(UserTable, WhoamiLoadRcString(IDS_COL_SID), 0, 1);
+
+    ConvertSidToStringSidW(pUserInfo->User.Sid, &pSidStr);
+
+    /* set the values for our single row of data */
+    WhoamiSetTable(UserTable, pUserStr, 1, 0);
+    WhoamiSetTable(UserTable, pSidStr, 1, 1);
+
+    WhoamiPrintTable(UserTable);
+
     /* cleanup our allocations */
-    if (pSidStr)
-        LocalFree(pSidStr);
-
-    if (pUserInfo)
-        WhoamiFree(pUserInfo);
-
-    if (pUserStr)
-        WhoamiFree(pUserStr);
+    LocalFree(pSidStr);
+    WhoamiFree(pUserInfo);
+    WhoamiFree(pUserStr);
return 0;
 }
@@ -473,175 +476,171 @@
     };
PTOKEN_GROUPS pGroupInfo = (PTOKEN_GROUPS)WhoamiGetTokenInfo(TokenGroups);
-
-    if (pGroupInfo)
-    {
-        /* the header is the first (0) row, so we start in the second one (1) */
-        UINT PrintingRow = 1;
-
-        WhoamiTable *GroupTable = WhoamiAllocTable(pGroupInfo->GroupCount + 1, 4);
-
-        WhoamiPrintHeader(IDS_GROU_HEADER);
-
-        WhoamiSetTable(GroupTable, WhoamiLoadRcString(IDS_COL_GROUP_NAME), 0, 0);
-        WhoamiSetTable(GroupTable, WhoamiLoadRcString(IDS_COL_TYPE), 0, 1);
-        WhoamiSetTable(GroupTable, WhoamiLoadRcString(IDS_COL_SID), 0, 2);
-        WhoamiSetTable(GroupTable, WhoamiLoadRcString(IDS_COL_ATTRIB), 0, 3);
-
-        for (dwIndex = 0; dwIndex < pGroupInfo->GroupCount; dwIndex++)
-        {
-            LookupAccountSidW(NULL,
-                              pGroupInfo->Groups[dwIndex].Sid,
-                              (LPWSTR)&szGroupName,
-                              &cchGroupName,
-                              (LPWSTR)&szDomainName,
-                              &cchDomainName,
-                              &Use);
-
-            /* the original tool seems to limit the list to these kind of SID items */
-            if ((Use == SidTypeWellKnownGroup || Use == SidTypeAlias ||
-                Use == SidTypeLabel) && !(pGroupInfo->Groups[dwIndex].Attributes & SE_GROUP_LOGON_ID))
-            {
+    UINT PrintingRow;
+    WhoamiTable *GroupTable = NULL;
+
+    if (pGroupInfo == NULL)
+    {
+        return 1;
+    }
+
+    /* the header is the first (0) row, so we start in the second one (1) */
+    PrintingRow = 1;
+
+    GroupTable = WhoamiAllocTable(pGroupInfo->GroupCount + 1, 4);
+
+    WhoamiPrintHeader(IDS_GROU_HEADER);
+
+    WhoamiSetTable(GroupTable, WhoamiLoadRcString(IDS_COL_GROUP_NAME), 0, 0);
+    WhoamiSetTable(GroupTable, WhoamiLoadRcString(IDS_COL_TYPE), 0, 1);
+    WhoamiSetTable(GroupTable, WhoamiLoadRcString(IDS_COL_SID), 0, 2);
+    WhoamiSetTable(GroupTable, WhoamiLoadRcString(IDS_COL_ATTRIB), 0, 3);
+
+    for (dwIndex = 0; dwIndex < pGroupInfo->GroupCount; dwIndex++)
+    {
+        LookupAccountSidW(NULL,
+                          pGroupInfo->Groups[dwIndex].Sid,
+                          (LPWSTR)&szGroupName,
+                          &cchGroupName,
+                          (LPWSTR)&szDomainName,
+                          &cchDomainName,
+                          &Use);
+
+        /* the original tool seems to limit the list to these kind of SID items */
+        if ((Use == SidTypeWellKnownGroup || Use == SidTypeAlias ||
+            Use == SidTypeLabel) && !(pGroupInfo->Groups[dwIndex].Attributes & SE_GROUP_LOGON_ID))
+        {
                 wchar_t tmpBuffer[666];
-                /* looks like windows treats 0x60 as 0x7 for some reason, let's just nod and call it a day:
-                   0x60 is SE_GROUP_INTEGRITY | SE_GROUP_INTEGRITY_ENABLED
-                   0x07 is SE_GROUP_MANDATORY | SE_GROUP_ENABLED_BY_DEFAULT | SE_GROUP_ENABLED */
-
-                if (pGroupInfo->Groups[dwIndex].Attributes == 0x60)
-                    pGroupInfo->Groups[dwIndex].Attributes = 0x07;
-
-                /* 1- format it as DOMAIN\GROUP if the domain exists, or just GROUP if not */
-                _snwprintf((LPWSTR)&tmpBuffer,
-                           666,
-                           L"%s%s%s",
-                           szDomainName,
-                           cchDomainName ? L"\" : L"",
-                           szGroupName);
-
-                WhoamiSetTable(GroupTable, tmpBuffer, PrintingRow, 0);
-
-                /* 2- let's find out the group type by using a simple lookup table for lack of a better method */
-                WhoamiSetTable(GroupTable, WhoamiLoadRcString(SidNameUseStr[Use]), PrintingRow, 1);
-
-                /* 3- turn that SID into text-form */
-                ConvertSidToStringSidW(pGroupInfo->Groups[dwIndex].Sid, &pSidStr);
-
-                WhoamiSetTable(GroupTable, pSidStr, PrintingRow, 2);
-
-                LocalFree(pSidStr);
-
-                /* 4- reuse that buffer for appending the attributes in text-form at the very end */
-                ZeroMemory(tmpBuffer, 666);
-
-                if (pGroupInfo->Groups[dwIndex].Attributes & SE_GROUP_MANDATORY)
-                    StringCchCat(tmpBuffer, 666, WhoamiLoadRcString(IDS_ATTR_GROUP_MANDATORY));
-                if (pGroupInfo->Groups[dwIndex].Attributes & SE_GROUP_ENABLED_BY_DEFAULT)
-                    StringCchCat(tmpBuffer, 666, WhoamiLoadRcString(IDS_ATTR_GROUP_ENABLED_BY_DEFAULT));
-                if (pGroupInfo->Groups[dwIndex].Attributes & SE_GROUP_ENABLED)
-                    StringCchCat(tmpBuffer, 666, WhoamiLoadRcString(IDS_ATTR_GROUP_ENABLED));
-                if (pGroupInfo->Groups[dwIndex].Attributes & SE_GROUP_OWNER)
-                    StringCchCat(tmpBuffer, 666, WhoamiLoadRcString(IDS_ATTR_GROUP_OWNER));
-
-                /* remove the last comma (', ' which is 2 wchars) of the buffer, let's keep it simple */
-                tmpBuffer[max(wcslen(tmpBuffer) - 2, 0)] = UNICODE_NULL;
-
-                WhoamiSetTable(GroupTable, tmpBuffer, PrintingRow, 3);
-
-                PrintingRow++;
-            }
-
-            /* reset the buffers so that we can reuse them */
-            ZeroMemory(szGroupName, 255);
-            ZeroMemory(szDomainName, 255);
-
-            cchGroupName = 255;
-            cchDomainName = 255;
-        }
-
-        WhoamiPrintTable(GroupTable);
-    }
-    else
+            /* looks like windows treats 0x60 as 0x7 for some reason, let's just nod and call it a day:
+               0x60 is SE_GROUP_INTEGRITY | SE_GROUP_INTEGRITY_ENABLED
+               0x07 is SE_GROUP_MANDATORY | SE_GROUP_ENABLED_BY_DEFAULT | SE_GROUP_ENABLED */
+
+            if (pGroupInfo->Groups[dwIndex].Attributes == 0x60)
+                pGroupInfo->Groups[dwIndex].Attributes = 0x07;
+
+            /* 1- format it as DOMAIN\GROUP if the domain exists, or just GROUP if not */
+            _snwprintf((LPWSTR)&tmpBuffer,
+                       _countof(tmpBuffer),
+                       L"%s%s%s",
+                       szDomainName,
+                       cchDomainName ? L"\" : L"",
+                       szGroupName);
+
+            WhoamiSetTable(GroupTable, tmpBuffer, PrintingRow, 0);
+
+            /* 2- let's find out the group type by using a simple lookup table for lack of a better method */
+            WhoamiSetTable(GroupTable, WhoamiLoadRcString(SidNameUseStr[Use]), PrintingRow, 1);
+
+            /* 3- turn that SID into text-form */
+            ConvertSidToStringSidW(pGroupInfo->Groups[dwIndex].Sid, &pSidStr);
+
+            WhoamiSetTable(GroupTable, pSidStr, PrintingRow, 2);
+
+            LocalFree(pSidStr);
+
+            /* 4- reuse that buffer for appending the attributes in text-form at the very end */
+            ZeroMemory(tmpBuffer, sizeof(tmpBuffer));
+
+            if (pGroupInfo->Groups[dwIndex].Attributes & SE_GROUP_MANDATORY)
+                StringCchCat(tmpBuffer, _countof(tmpBuffer), WhoamiLoadRcString(IDS_ATTR_GROUP_MANDATORY));
+            if (pGroupInfo->Groups[dwIndex].Attributes & SE_GROUP_ENABLED_BY_DEFAULT)
+                StringCchCat(tmpBuffer, _countof(tmpBuffer), WhoamiLoadRcString(IDS_ATTR_GROUP_ENABLED_BY_DEFAULT));
+            if (pGroupInfo->Groups[dwIndex].Attributes & SE_GROUP_ENABLED)
+                StringCchCat(tmpBuffer, _countof(tmpBuffer), WhoamiLoadRcString(IDS_ATTR_GROUP_ENABLED));
+            if (pGroupInfo->Groups[dwIndex].Attributes & SE_GROUP_OWNER)
+                StringCchCat(tmpBuffer, _countof(tmpBuffer), WhoamiLoadRcString(IDS_ATTR_GROUP_OWNER));
+
+            /* remove the last comma (', ' which is 2 wchars) of the buffer, let's keep it simple */
+            tmpBuffer[max(wcslen(tmpBuffer) - 2, 0)] = UNICODE_NULL;
+
+            WhoamiSetTable(GroupTable, tmpBuffer, PrintingRow, 3);
+
+            PrintingRow++;
+        }
+
+        /* reset the buffers so that we can reuse them */
+        ZeroMemory(szGroupName, sizeof(szGroupName));
+        ZeroMemory(szDomainName, sizeof(szDomainName));
+
+        cchGroupName = 255;
+        cchDomainName = 255;
+    }
+
+    WhoamiPrintTable(GroupTable);
+
+    /* cleanup our allocations */
+    WhoamiFree((LPVOID)pGroupInfo);
+
+    return 0;
+}
+
+int WhoamiPriv(void)
+{
+    PTOKEN_PRIVILEGES pPrivInfo = (PTOKEN_PRIVILEGES) WhoamiGetTokenInfo(TokenPrivileges);
+    DWORD dwResult = 0, dwIndex = 0;
+    WhoamiTable *PrivTable = NULL;
+
+    if (pPrivInfo == NULL)
     {
         return 1;
     }
+    PrivTable = WhoamiAllocTable(pPrivInfo->PrivilegeCount + 1, 3);
+
+    WhoamiPrintHeader(IDS_PRIV_HEADER);
+
+    WhoamiSetTable(PrivTable, WhoamiLoadRcString(IDS_COL_PRIV_NAME), 0, 0);
+    WhoamiSetTable(PrivTable, WhoamiLoadRcString(IDS_COL_DESCRIPTION), 0, 1);
+    WhoamiSetTable(PrivTable, WhoamiLoadRcString(IDS_COL_STATE), 0, 2);
+
+    for (dwIndex = 0; dwIndex < pPrivInfo->PrivilegeCount; dwIndex++)
+    {
+        PWSTR PrivName = NULL, DispName = NULL;
+        DWORD PrivNameSize = 0, DispNameSize = 0;
+        BOOL ret = FALSE;
+
+        ret = LookupPrivilegeNameW(NULL,
+                                   &pPrivInfo->Privileges[dwIndex].Luid,
+                                   NULL,
+                                   &PrivNameSize);
+
+        PrivName = HeapAlloc(GetProcessHeap(), 0, ++PrivNameSize*sizeof(WCHAR));
+
+        LookupPrivilegeNameW(NULL,
+                             &pPrivInfo->Privileges[dwIndex].Luid,
+                             PrivName,
+                             &PrivNameSize);
+
+        WhoamiSetTableDyn(PrivTable, PrivName, dwIndex + 1, 0);
+
+        ret = LookupPrivilegeDisplayNameW(NULL, PrivName, NULL, &DispNameSize, &dwResult);
+
+        if (!ret || GetLastError() == ERROR_NO_SUCH_PRIVILEGE)
+        {
+            DispName = HeapAlloc(GetProcessHeap(), 0, ++DispNameSize * sizeof(WCHAR));
+
+            LookupPrivilegeDisplayNameW(NULL, PrivName, DispName, &DispNameSize, &dwResult);
+
+            //wprintf(L"DispName: %d %x '%s'\n", DispNameSize, GetLastError(), DispName);
+
+            WhoamiSetTableDyn(PrivTable, DispName, dwIndex + 1, 1);
+        }
+        else
+        {
+            WhoamiSetTable(PrivTable, WhoamiLoadRcString(IDS_UNKNOWN_DESCRIPTION), dwIndex + 1, 1);
+        }
+
+        if (pPrivInfo->Privileges[dwIndex].Attributes & SE_PRIVILEGE_ENABLED)
+            WhoamiSetTable(PrivTable, WhoamiLoadRcString(IDS_STATE_ENABLED),  dwIndex + 1, 2);
+        else
+            WhoamiSetTable(PrivTable, WhoamiLoadRcString(IDS_STATE_DISABLED), dwIndex + 1, 2);
+    }
+
+    WhoamiPrintTable(PrivTable);
+
     /* cleanup our allocations */
-    if (pGroupInfo)
-        WhoamiFree((LPVOID)pGroupInfo);
-
-    return 0;
-}
-
-int WhoamiPriv(void)
-{
-    PTOKEN_PRIVILEGES pPrivInfo = (PTOKEN_PRIVILEGES) WhoamiGetTokenInfo(TokenPrivileges);
-
-    if (pPrivInfo)
-    {
-        DWORD dwResult = 0, dwIndex = 0;
-
-        WhoamiTable *PrivTable = WhoamiAllocTable(pPrivInfo->PrivilegeCount + 1, 3);
-
-        WhoamiPrintHeader(IDS_PRIV_HEADER);
-
-        WhoamiSetTable(PrivTable, WhoamiLoadRcString(IDS_COL_PRIV_NAME), 0, 0);
-        WhoamiSetTable(PrivTable, WhoamiLoadRcString(IDS_COL_DESCRIPTION), 0, 1);
-        WhoamiSetTable(PrivTable, WhoamiLoadRcString(IDS_COL_STATE), 0, 2);
-
-        for (dwIndex = 0; dwIndex < pPrivInfo->PrivilegeCount; dwIndex++)
-        {
-            PWSTR PrivName = NULL, DispName = NULL;
-            DWORD PrivNameSize = 0, DispNameSize = 0;
-            BOOL ret = FALSE;
-
-            ret = LookupPrivilegeNameW(NULL,
-                                       &pPrivInfo->Privileges[dwIndex].Luid,
-                                       NULL,
-                                       &PrivNameSize);
-
-            PrivName = HeapAlloc(GetProcessHeap(), 0, ++PrivNameSize*sizeof(WCHAR));
-
-            LookupPrivilegeNameW(NULL,
-                                 &pPrivInfo->Privileges[dwIndex].Luid,
-                                 PrivName,
-                                 &PrivNameSize);
-
-            WhoamiSetTableDyn(PrivTable, PrivName, dwIndex + 1, 0);
-
-            ret = LookupPrivilegeDisplayNameW(NULL, PrivName, NULL, &DispNameSize, &dwResult);
-
-            if (!ret || GetLastError() == ERROR_NO_SUCH_PRIVILEGE)
-            {
-                DispName = HeapAlloc(GetProcessHeap(), 0, ++DispNameSize * sizeof(WCHAR));
-
-                LookupPrivilegeDisplayNameW(NULL, PrivName, DispName, &DispNameSize, &dwResult);
-
-                //wprintf(L"DispName: %d %x '%s'\n", DispNameSize, GetLastError(), DispName);
-
-                WhoamiSetTableDyn(PrivTable, DispName, dwIndex + 1, 1);
-            }
-            else
-            {
-                WhoamiSetTable(PrivTable, WhoamiLoadRcString(IDS_UNKNOWN_DESCRIPTION), dwIndex + 1, 1);
-            }
-
-            if (pPrivInfo->Privileges[dwIndex].Attributes & SE_PRIVILEGE_ENABLED)
-                WhoamiSetTable(PrivTable, WhoamiLoadRcString(IDS_STATE_ENABLED),  dwIndex + 1, 2);
-            else
-                WhoamiSetTable(PrivTable, WhoamiLoadRcString(IDS_STATE_DISABLED), dwIndex + 1, 2);
-        }
-
-        WhoamiPrintTable(PrivTable);
-    }
-    else
-    {
-        return 1;
-    }
-
-    /* cleanup our allocations */
-    if (pPrivInfo)
-        WhoamiFree(pPrivInfo);
+    WhoamiFree(pPrivInfo);
return 0;
 }

    