https://git.reactos.org/?p=reactos.git;a=commitdiff;h=967f5b98983928e1884e82...
commit 967f5b98983928e1884e824371e7002dbd417308 Author: Hermès Bélusca-Maïto hermes.belusca-maito@reactos.org AuthorDate: Fri Sep 30 20:40:43 2022 +0200 Commit: Hermès Bélusca-Maïto hermes.belusca-maito@reactos.org CommitDate: Tue Oct 4 23:14:35 2022 +0200
[WINLOGON] Protect function calls to '3rd-party' DLLs by SEH. (#4743)
This includes: - Notification dll calling in CallNotificationDll(). - winmm.dll API calling (e.g. PlaySound) in PlaySoundRoutine().
Also: - Fix dwKeyName usage in RegEnumKeyExW() specifying a number of *characters*. --- base/system/winlogon/CMakeLists.txt | 2 +- base/system/winlogon/notify.c | 44 +++++++++++++++++++++++-------------- base/system/winlogon/sas.c | 26 +++++++++++++--------- base/system/winlogon/winlogon.h | 9 ++++++-- 4 files changed, 51 insertions(+), 30 deletions(-)
diff --git a/base/system/winlogon/CMakeLists.txt b/base/system/winlogon/CMakeLists.txt
index 06ff9241c91..18f9f79a328 100644
--- a/base/system/winlogon/CMakeLists.txt
+++ b/base/system/winlogon/CMakeLists.txt
@@ -21,7 +21,7 @@ list(APPEND SOURCE
 add_rc_deps(winlogon.rc ${CMAKE_CURRENT_SOURCE_DIR}/res/winlogon.ico)
 add_executable(winlogon ${SOURCE} winlogon.rc)
-target_link_libraries(winlogon wine)
+target_link_libraries(winlogon wine ${PSEH_LIB})
 set_module_type(winlogon win32gui)
 add_importlibs(winlogon user32 advapi32 userenv secur32 rpcrt4 mpr msvcrt kernel32 ntdll)
 add_pch(winlogon winlogon.h SOURCE)
diff --git a/base/system/winlogon/notify.c b/base/system/winlogon/notify.c
index d84e06af47f..3aa3e0d98ec 100644
--- a/base/system/winlogon/notify.c
+++ b/base/system/winlogon/notify.c
@@ -278,7 +278,7 @@ InitNotifications(VOID)
 dwIndex = 0;
 for(;;)
 {
- dwKeyName = 80 * sizeof(WCHAR);
+ dwKeyName = ARRAYSIZE(szKeyName);
 lError = RegEnumKeyExW(hNotifyKey,
 dwIndex,
 szKeyName,
@@ -312,11 +312,8 @@ CallNotificationDll(
 NOTIFICATION_TYPE Type,
 PWLX_NOTIFICATION_INFO pInfo)
 {
- HKEY hDllKey = NULL;
- HMODULE hModule = NULL;
+ HMODULE hModule;
 CHAR szFuncBuffer[128];
- DWORD dwSize;
- DWORD dwType;
 DWORD dwError = ERROR_SUCCESS;
 PWLX_NOTIFY_HANDLER pNotifyHandler;
@@ -338,6 +335,10 @@ CallNotificationDll(
 }
 else
 {
+ HKEY hDllKey;
+ DWORD dwSize;
+ DWORD dwType;
+
 dwError = RegOpenKeyExW(hNotifyKey,
 NotificationDll->pszKeyName,
 0,
@@ -356,23 +357,32 @@ CallNotificationDll(
 &dwType,
 (PBYTE)szFuncBuffer,
 &dwSize);
+
+ RegCloseKey(hDllKey);
 }
- if (dwError == ERROR_SUCCESS)
- {
- hModule = LoadLibraryW(NotificationDll->pszDllName);
- if (hModule != NULL)
- {
- pNotifyHandler = (PWLX_NOTIFY_HANDLER)GetProcAddress(hModule, szFuncBuffer);
- if (pNotifyHandler != NULL)
- pNotifyHandler(pInfo);
+ if (dwError != ERROR_SUCCESS)
+ return;
- FreeLibrary(hModule);
- }
+ hModule = LoadLibraryW(NotificationDll->pszDllName);
+ if (!hModule)
+ return;
+
+ pNotifyHandler = (PWLX_NOTIFY_HANDLER)GetProcAddress(hModule, szFuncBuffer);
+
+ _SEH2_TRY
+ {
+ if (pNotifyHandler)
+ pNotifyHandler(pInfo);
+ }
+ _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
+ {
+ ERR("WL: Exception while running notification %S!%s, Status 0x%08lx\n",
+ NotificationDll->pszDllName, szFuncBuffer, _SEH2_GetExceptionCode());
 }
+ _SEH2_END;
- if (hDllKey != NULL)
- RegCloseKey(hDllKey);
+ FreeLibrary(hModule);
 }
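Review bot: szFuncBuffer holds an export name read from the registry (the query whose last arguments open this hunk), and between that call and `GetProcAddress(hModule, szFuncBuffer)` and the `%s` in the new ERR line nothing visible checks dwType or forces a terminating NUL. RegQueryValueEx hands back the stored bytes unchanged, so a value saved without its terminator, or one that is not a string, would be read past its end inside winlogon; how dwSize is initialised lies outside the hunk, so confirm this against the full function. Inside the else block, after a successful query, I would add `if (dwType != REG_SZ) dwError = ERROR_INVALID_DATA;` and `szFuncBuffer[min(dwSize, sizeof(szFuncBuffer) - 1)] = '\0';`. CallNotificationDll starts above the hunk.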
diff --git a/base/system/winlogon/sas.c b/base/system/winlogon/sas.c
index a78733b7771..bc37d5db49d 100644
--- a/base/system/winlogon/sas.c
+++ b/base/system/winlogon/sas.c
@@ -251,30 +251,36 @@ PlaySoundRoutine(
 BOOL Ret = FALSE;
 hLibrary = LoadLibraryW(L"winmm.dll");
- if (hLibrary)
+ if (!hLibrary)
+ return FALSE;
+
+ waveOutGetNumDevs = (WAVEOUTGETNUMDEVS)GetProcAddress(hLibrary, "waveOutGetNumDevs");
+ Play = (PLAYSOUNDW)GetProcAddress(hLibrary, "PlaySoundW");
+
+ _SEH2_TRY
 {
- waveOutGetNumDevs = (WAVEOUTGETNUMDEVS)GetProcAddress(hLibrary, "waveOutGetNumDevs");
 if (waveOutGetNumDevs)
 {
 NumDevs = waveOutGetNumDevs();
 if (!NumDevs)
 {
 if (!bLogon)
- {
 Beep(440, 125);
- }
- FreeLibrary(hLibrary);
- return FALSE;
+ _SEH2_LEAVE;
 }
 }
- Play = (PLAYSOUNDW)GetProcAddress(hLibrary, "PlaySoundW");
 if (Play)
- {
 Ret = Play(FileName, NULL, Flags);
- }
- FreeLibrary(hLibrary);
 }
+ _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
+ {
+ ERR("WL: Exception while playing sound '%S', Status 0x%08lx\n",
+ FileName ? FileName : L"(n/a)", _SEH2_GetExceptionCode());
+ }
+ _SEH2_END;
+
+ FreeLibrary(hLibrary);
 return Ret;
 }
diff --git a/base/system/winlogon/winlogon.h b/base/system/winlogon/winlogon.h
index 668fd3e0ad2..3dcf6fda0c3 100644
--- a/base/system/winlogon/winlogon.h
+++ b/base/system/winlogon/winlogon.h
@@ -26,10 +26,12 @@
 #ifndef __WINLOGON_MAIN_H__
 #define __WINLOGON_MAIN_H__
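Review bot: `_SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)` in PlaySoundRoutine accepts every exception code, so an access violation or stack overflow raised under waveOutGetNumDevs() or Play() is logged and winlogon then carries on, calling `FreeLibrary(hLibrary)` on the module that just faulted; CallNotificationDll in notify.c uses the same filter around `pNotifyHandler(pInfo)`. Neither site records why continuing is preferred or what state may be left inconsistent, so I would put a comment above each `_SEH2_TRY`, for example `/* External code must not take winlogon down; after a caught fault the DLL's own state is not trusted */`. LoadLibraryW and FreeLibrary, which run the DLL's entry point, also sit outside the guarded region in both functions, so whether a fault there is contained depends on the loader rather than on this change. PlaySoundRoutine begins above the hunk.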
-#include <stdarg.h>
-
 #define USE_GETLASTINPUTINFO
+
+ #include <stdarg.h>
+
+ /* PSDK/NDK Headers */
 #define WIN32_NO_STATUS
 #include <windef.h>
 #include <winbase.h>
@@ -41,6 +43,9 @@
 #include <ndk/exfuncs.h>
 #include <strsafe.h>
+/* PSEH for SEH Support */
+#include <pseh/pseh2.h>
+
 #include <reactos/undocuser.h>
 #include <reactos/undocmpr.h>