forked from Mirrors/wine-wine
advapi32: Validate received service name.
Signed-off-by: Sebastian Lackner <sebastian@fds-team.de> Signed-off-by: Alexandre Julliard <julliard@winehq.org>oldstable
Sebastian Lackner
Alexandre Julliard
parent
5f2b96b859
commit
7a200887bb
|
|
@ -424,7 +424,8 @@ static DWORD WINAPI service_control_dispatcher(LPVOID arg)
|
||||||
{
|
{
|
||||||
service_data *service;
|
service_data *service;
|
||||||
service_start_info info;
|
service_start_info info;
|
||||||
WCHAR *data = NULL;
|
BYTE *data = NULL;
|
||||||
|
WCHAR *name;
|
||||||
BOOL r;
|
BOOL r;
|
||||||
DWORD data_size = 0, count, result;
|
DWORD data_size = 0, count, result;
|
||||||
|
|
||||||
|
|
@ -460,16 +461,24 @@ static DWORD WINAPI service_control_dispatcher(LPVOID arg)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/* find the service */
|
/* validate service name */
|
||||||
|
name = (WCHAR *)data;
|
||||||
if (!(service = find_service_by_name( data )))
|
if (!info.name_size || data_size < info.name_size * sizeof(WCHAR) || name[info.name_size - 1])
|
||||||
{
|
{
|
||||||
FIXME( "got request %u for unknown service %s\n", info.cmd, debugstr_w(data));
|
ERR( "got request without valid service name\n" );
|
||||||
result = ERROR_INVALID_PARAMETER;
|
result = ERROR_INVALID_PARAMETER;
|
||||||
goto done;
|
goto done;
|
||||||
}
|
}
|
||||||
|
|
||||||
TRACE( "got request %u for service %s\n", info.cmd, debugstr_w(data) );
|
/* find the service */
|
||||||
|
if (!(service = find_service_by_name( name )))
|
||||||
|
{
|
||||||
|
FIXME( "got request %u for unknown service %s\n", info.cmd, debugstr_w(name));
|
||||||
|
result = ERROR_INVALID_PARAMETER;
|
||||||
|
goto done;
|
||||||
|
}
|
||||||
|
|
||||||
|
TRACE( "got request %u for service %s\n", info.cmd, debugstr_w(name) );
|
||||||
|
|
||||||
/* handle the request */
|
/* handle the request */
|
||||||
switch (info.cmd)
|
switch (info.cmd)
|
||||||
|
|
@ -477,12 +486,12 @@ static DWORD WINAPI service_control_dispatcher(LPVOID arg)
|
||||||
case WINESERV_STARTINFO:
|
case WINESERV_STARTINFO:
|
||||||
if (!service->handle)
|
if (!service->handle)
|
||||||
{
|
{
|
||||||
if (!(service->handle = OpenServiceW( disp->manager, data, SERVICE_SET_STATUS )) ||
|
if (!(service->handle = OpenServiceW( disp->manager, name, SERVICE_SET_STATUS )) ||
|
||||||
!(service->full_access_handle = OpenServiceW( disp->manager, data,
|
!(service->full_access_handle = OpenServiceW( disp->manager, name,
|
||||||
GENERIC_READ|GENERIC_WRITE )))
|
GENERIC_READ|GENERIC_WRITE )))
|
||||||
FIXME( "failed to open service %s\n", debugstr_w(data) );
|
FIXME( "failed to open service %s\n", debugstr_w(name) );
|
||||||
}
|
}
|
||||||
result = service_handle_start(service, data, data_size / sizeof(WCHAR));
|
result = service_handle_start(service, (WCHAR *)data, data_size / sizeof(WCHAR));
|
||||||
break;
|
break;
|
||||||
case WINESERV_SENDCONTROL:
|
case WINESERV_SENDCONTROL:
|
||||||
result = service_handle_control(service, info.control);
|
result = service_handle_control(service, info.control);
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue