nerd/rufus
1
1
Fork 0
mirror of https://github.com/pbatard/rufus.git synced 2024-08-14 23:57:05 +00:00
Code Issues 1 Projects Releases Wiki Activity

[iso] fix sanitization of paths during ISO during extraction

Browse source 
* Also add sanitization for Syslinux downloaded content
* Also factorize printout of extracted file
* Closes #397
This commit is contained in:
Pete Batard 2014-11-20 23:00:59 +00:00
parent 1210e47df2
commit 6b433c7fc0
3 changed files with 81 additions and 59 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

110
src/iso.c
View file

@ -82,18 +82,25 @@ static BOOL scan_only = FALSE;
static StrArray config_path, isolinux_path;
// Ensure filenames do not contain invalid FAT32 or NTFS characters
static __inline BOOL sanitize_filename(char* filename)
static __inline char* sanitize_filename(char* filename, BOOL* is_identical)
{
size_t i, j;
BOOL ret = FALSE;
char* ret = NULL;
char unauthorized[] = {'<', '>', ':', '|', '*', '?'};
*is_identical = TRUE;
ret = safe_strdup(filename);
if (ret == NULL) {
uprintf("Couldn't allocate string for sanitized path");
return NULL;
}
// Must start after the drive part (D:\...) so that we don't eliminate the first column
for (i=2; i<safe_strlen(filename); i++) {
for (i=2; i<safe_strlen(ret); i++) {
for (j=0; j<sizeof(unauthorized); j++) {
if (filename[i] == unauthorized[j]) {
filename[i] = '_';
ret = TRUE;
if (ret[i] == unauthorized[j]) {
ret[i] = '_';
*is_identical = FALSE;
}
}
}
@ -243,15 +250,34 @@ static void fix_syslinux(const char* psz_fullpath, const char* psz_path, const c
free(src);
}
static void print_extracted_file(char* psz_fullpath, int64_t i_file_length)
{
size_t i, nul_pos;
// Replace slashes with backslashes and append the size to the path for UI display
nul_pos = safe_strlen(psz_fullpath);
for (i=0; i<nul_pos; i++)
if (psz_fullpath[i] == '/') psz_fullpath[i] = '\\';
safe_sprintf(&psz_fullpath[nul_pos], 24, " (%s)", SizeToHumanReadable(i_file_length, TRUE, FALSE));
uprintf("Extracting: %s\n", psz_fullpath);
safe_sprintf(&psz_fullpath[nul_pos], 24, " (%s)", SizeToHumanReadable(i_file_length, FALSE, FALSE));
SetWindowTextU(hISOFileName, psz_fullpath);
// ISO9660 cannot handle backslashes
for (i=0; i<nul_pos; i++)
if (psz_fullpath[i] == '\\') psz_fullpath[i] = '/';
// Remove the appended size for extraction
psz_fullpath[nul_pos] = 0;
}
// Returns 0 on success, nonzero on error
static int udf_extract_files(udf_t *p_udf, udf_dirent_t *p_udf_dirent, const char *psz_path)
{
HANDLE file_handle = NULL;
DWORD buf_size, wr_size, err;
BOOL r, is_syslinux_cfg, is_old_c32[NB_OLD_C32];
BOOL r, is_syslinux_cfg, is_old_c32[NB_OLD_C32], is_identical;
int i_length;
size_t i, nul_pos;
char tmp[128], *psz_fullpath = NULL;
size_t i;
char tmp[128], *psz_fullpath = NULL, *psz_sanpath = NULL;
const char* psz_basename;
udf_dirent_t *p_udf_dirent2;
uint8_t buf[UDF_BLOCKSIZE];
@ -276,7 +302,11 @@ static int udf_extract_files(udf_t *p_udf, udf_dirent_t *p_udf_dirent, const cha
goto out;
}
if (udf_is_dir(p_udf_dirent)) {
if (!scan_only) IGNORE_RETVAL(_mkdirU(psz_fullpath));
if (!scan_only) {
psz_sanpath = sanitize_filename(psz_fullpath, &is_identical);
IGNORE_RETVAL(_mkdirU(psz_sanpath));
safe_free(psz_sanpath);
}
p_udf_dirent2 = udf_opendir(p_udf_dirent);
if (p_udf_dirent2 != NULL) {
if (udf_extract_files(p_udf, p_udf_dirent2, &psz_fullpath[strlen(psz_extract_dir)]))
@ -288,16 +318,7 @@ static int udf_extract_files(udf_t *p_udf, udf_dirent_t *p_udf_dirent, const cha
safe_free(psz_fullpath);
continue;
}
// Replace slashes with backslashes and append the size to the path for UI display
nul_pos = safe_strlen(psz_fullpath);
for (i=0; i<nul_pos; i++)
if (psz_fullpath[i] == '/') psz_fullpath[i] = '\\';
safe_sprintf(&psz_fullpath[nul_pos], 24, " (%s)", SizeToHumanReadable(i_file_length, TRUE, FALSE));
uprintf("Extracting: %s\n", psz_fullpath);
safe_sprintf(&psz_fullpath[nul_pos], 24, " (%s)", SizeToHumanReadable(i_file_length, FALSE, FALSE));
SetWindowTextU(hISOFileName, psz_fullpath);
// Remove the appended size for extraction
psz_fullpath[nul_pos] = 0;
print_extracted_file(psz_fullpath, i_file_length);
for (i=0; i<NB_OLD_C32; i++) {
if (is_old_c32[i] && use_own_c32[i]) {
static_sprintf(tmp, "%s/syslinux-%s/%s", FILES_DIR, embedded_sl_version_str[0], old_c32_name[i]);
@ -310,14 +331,15 @@ static int udf_extract_files(udf_t *p_udf, udf_dirent_t *p_udf_dirent, const cha
}
if (i < NB_OLD_C32)
continue;
if (sanitize_filename(psz_fullpath))
uprintf(" File name sanitized to '%s'\n", psz_fullpath);
file_handle = CreateFileU(psz_fullpath, GENERIC_READ | GENERIC_WRITE,
psz_sanpath = sanitize_filename(psz_fullpath, &is_identical);
if (!is_identical)
uprintf(" File name sanitized to '%s'\n", psz_sanpath);
file_handle = CreateFileU(psz_sanpath, GENERIC_READ | GENERIC_WRITE,
FILE_SHARE_READ|FILE_SHARE_WRITE, NULL, CREATE_ALWAYS, FILE_ATTRIBUTE_NORMAL, NULL);
if (file_handle == INVALID_HANDLE_VALUE) {
err = GetLastError();
uprintf(" Unable to create file: %s\n", WindowsErrorString());
if ((err == ERROR_ACCESS_DENIED) && (safe_strcmp(&psz_fullpath[3], autorun_name) == 0))
if ((err == ERROR_ACCESS_DENIED) && (safe_strcmp(&psz_sanpath[3], autorun_name) == 0))
uprintf(stupid_antivirus);
else
goto out;
@ -354,7 +376,8 @@ static int udf_extract_files(udf_t *p_udf, udf_dirent_t *p_udf_dirent, const cha
// may take forever to complete and is not interruptible. We try to detect this.
ISO_BLOCKING(safe_closehandle(file_handle));
if (is_syslinux_cfg)
fix_syslinux(psz_fullpath, psz_path, psz_basename);
fix_syslinux(psz_sanpath, psz_path, psz_basename);
safe_free(psz_sanpath);
}
safe_free(psz_fullpath);
}
@ -373,15 +396,15 @@ static int iso_extract_files(iso9660_t* p_iso, const char *psz_path)
{
HANDLE file_handle = NULL;
DWORD buf_size, wr_size, err;
BOOL s, is_syslinux_cfg, is_old_c32[NB_OLD_C32], is_symlink;
BOOL s, is_syslinux_cfg, is_old_c32[NB_OLD_C32], is_symlink, is_identical;
int i_length, r = 1;
char tmp[128], psz_fullpath[MAX_PATH], *psz_basename;
char tmp[128], psz_fullpath[MAX_PATH], *psz_basename, *psz_sanpath;
const char *psz_iso_name = &psz_fullpath[strlen(psz_extract_dir)];
unsigned char buf[ISO_BLOCKSIZE];
CdioListNode_t* p_entnode;
iso9660_stat_t *p_statbuf;
CdioList_t* p_entlist;
size_t i, j, nul_pos;
size_t i, j;
lsn_t lsn;
int64_t i_file_length;
@ -423,7 +446,11 @@ static int iso_extract_files(iso9660_t* p_iso, const char *psz_path)
iso9660_name_translate_ext(p_statbuf->filename, psz_basename, i_joliet_level);
}
if (p_statbuf->type == _STAT_DIR) {
if (!scan_only) IGNORE_RETVAL(_mkdirU(psz_fullpath));
if (!scan_only) {
psz_sanpath = sanitize_filename(psz_fullpath, &is_identical);
IGNORE_RETVAL(_mkdirU(psz_sanpath));
safe_free(psz_sanpath);
}
if (iso_extract_files(p_iso, psz_iso_name))
goto out;
} else {
@ -431,18 +458,7 @@ static int iso_extract_files(iso9660_t* p_iso, const char *psz_path)
if (check_iso_props(psz_path, &is_syslinux_cfg, is_old_c32, i_file_length, psz_basename, psz_fullpath)) {
continue;
}
// Replace slashes with backslashes and append the size to the path for UI display
nul_pos = safe_strlen(psz_fullpath);
for (i=0; i<nul_pos; i++)
if (psz_fullpath[i] == '/') psz_fullpath[i] = '\\';
safe_sprintf(&psz_fullpath[nul_pos], 24, " (%s)", SizeToHumanReadable(i_file_length, TRUE, FALSE));
uprintf("Extracting: %s\n", psz_fullpath);
safe_sprintf(&psz_fullpath[nul_pos], 24, " (%s)", SizeToHumanReadable(i_file_length, FALSE, FALSE));
SetWindowTextU(hISOFileName, psz_fullpath);
// ISO9660 cannot handle backslashes
for (i=0; i<nul_pos; i++)
if (psz_fullpath[i] == '\\') psz_fullpath[i] = '/';
psz_fullpath[nul_pos] = 0;
print_extracted_file(psz_fullpath, i_file_length);
for (i=0; i<NB_OLD_C32; i++) {
if (is_old_c32[i] && use_own_c32[i]) {
static_sprintf(tmp, "%s/syslinux-%s/%s", FILES_DIR, embedded_sl_version_str[0], old_c32_name[i]);
@ -455,19 +471,20 @@ static int iso_extract_files(iso9660_t* p_iso, const char *psz_path)
}
if (i < NB_OLD_C32)
continue;
if (sanitize_filename(psz_fullpath))
uprintf(" File name sanitized to '%s'\n", psz_fullpath);
psz_sanpath = sanitize_filename(psz_fullpath, &is_identical);
if (!is_identical)
uprintf(" File name sanitized to '%s'\n", psz_sanpath);
if (is_symlink) {
if (i_file_length == 0)
uprintf(" Ignoring Rock Ridge symbolic link to '%s'\n", p_statbuf->rr.psz_symlink);
safe_free(p_statbuf->rr.psz_symlink);
}
file_handle = CreateFileU(psz_fullpath, GENERIC_READ | GENERIC_WRITE,
file_handle = CreateFileU(psz_sanpath, GENERIC_READ | GENERIC_WRITE,
FILE_SHARE_READ|FILE_SHARE_WRITE, NULL, CREATE_ALWAYS, FILE_ATTRIBUTE_NORMAL, NULL);
if (file_handle == INVALID_HANDLE_VALUE) {
err = GetLastError();
uprintf(" Unable to create file: %s\n", WindowsErrorString());
if ((err == ERROR_ACCESS_DENIED) && (safe_strcmp(&psz_fullpath[3], autorun_name) == 0))
if ((err == ERROR_ACCESS_DENIED) && (safe_strcmp(&psz_sanpath[3], autorun_name) == 0))
uprintf(stupid_antivirus);
else
goto out;
@ -500,7 +517,8 @@ static int iso_extract_files(iso9660_t* p_iso, const char *psz_path)
}
ISO_BLOCKING(safe_closehandle(file_handle));
if (is_syslinux_cfg)
fix_syslinux(psz_fullpath, psz_path, psz_basename);
fix_syslinux(psz_sanpath, psz_path, psz_basename);
safe_free(psz_sanpath);
}
}
r = 0;

16
src/rufus.rc
View file

@ -32,7 +32,7 @@ LANGUAGE LANG_NEUTRAL, SUBLANG_NEUTRAL
IDD_DIALOG DIALOGEX 12, 12, 242, 329
STYLE DS_SETFONT | DS_MODALFRAME | DS_FIXEDSYS | DS_CENTER | WS_MINIMIZEBOX | WS_POPUP | WS_CAPTION | WS_SYSMENU
CAPTION "Rufus 1.5.0.546"
CAPTION "Rufus 1.5.0.547"
FONT 8, "Segoe UI", 400, 0, 0x1
BEGIN
DEFPUSHBUTTON "Start",IDC_START,127,291,50,14
@ -164,7 +164,7 @@ END
IDD_DIALOG_XP DIALOGEX 12, 12, 242, 329
STYLE DS_SETFONT | DS_MODALFRAME | DS_FIXEDSYS | DS_CENTER | WS_MINIMIZEBOX | WS_POPUP | WS_CAPTION | WS_SYSMENU
CAPTION "Rufus 1.5.0.546"
CAPTION "Rufus 1.5.0.547"
FONT 8, "MS Shell Dlg", 400, 0, 0x1
BEGIN
DEFPUSHBUTTON "Start",IDC_START,127,291,50,14
@ -297,7 +297,7 @@ END
IDD_DIALOG_RTL DIALOGEX 12, 12, 242, 329
STYLE DS_SETFONT | DS_MODALFRAME | DS_FIXEDSYS | DS_CENTER | WS_MINIMIZEBOX | WS_POPUP | WS_CAPTION | WS_SYSMENU
EXSTYLE WS_EX_RTLREADING | WS_EX_APPWINDOW | WS_EX_LAYOUTRTL
CAPTION "Rufus 1.5.0.546"
CAPTION "Rufus 1.5.0.547"
FONT 8, "Segoe UI", 400, 0, 0x1
BEGIN
DEFPUSHBUTTON "Start",IDC_START,127,291,50,14
@ -437,7 +437,7 @@ END
IDD_DIALOG_RTL_XP DIALOGEX 12, 12, 242, 329
STYLE DS_SETFONT | DS_MODALFRAME | DS_FIXEDSYS | DS_CENTER | WS_MINIMIZEBOX | WS_POPUP | WS_CAPTION | WS_SYSMENU
EXSTYLE WS_EX_RTLREADING | WS_EX_APPWINDOW | WS_EX_LAYOUTRTL
CAPTION "Rufus 1.5.0.546"
CAPTION "Rufus 1.5.0.547"
FONT 8, "MS Shell Dlg", 400, 0, 0x1
BEGIN
DEFPUSHBUTTON "Start",IDC_START,127,291,50,14
@ -701,8 +701,8 @@ END
//
VS_VERSION_INFO VERSIONINFO
FILEVERSION 1,5,0,546
PRODUCTVERSION 1,5,0,546
FILEVERSION 1,5,0,547
PRODUCTVERSION 1,5,0,547
FILEFLAGSMASK 0x3fL
#ifdef _DEBUG
FILEFLAGS 0x1L
@ -719,13 +719,13 @@ BEGIN
BEGIN
VALUE "CompanyName", "Akeo Consulting (http://akeo.ie)"
VALUE "FileDescription", "Rufus"
VALUE "FileVersion", "1.5.0.546"
VALUE "FileVersion", "1.5.0.547"
VALUE "InternalName", "Rufus"
VALUE "LegalCopyright", "© 2011-2014 Pete Batard (GPL v3)"
VALUE "LegalTrademarks", "http://www.gnu.org/copyleft/gpl.html"
VALUE "OriginalFilename", "rufus.exe"
VALUE "ProductName", "Rufus"
VALUE "ProductVersion", "1.5.0.546"
VALUE "ProductVersion", "1.5.0.547"
END
END
BLOCK "VarFileInfo"

14
src/syslinux.c
View file

@ -339,11 +339,12 @@ out:
uint16_t GetSyslinuxVersion(char* buf, size_t buf_size, char** ext)
{
size_t i, j;
size_t i, j, k;
char *p;
uint16_t version;
const char LINUX[] = { 'L', 'I', 'N', 'U', 'X', ' ' };
static char* nullstr = "";
char unauthorized[] = {'<', '>', ':', '|', '*', '?', '\\', '/'};
*ext = nullstr;
if (buf_size < 256)
@ -379,10 +380,13 @@ uint16_t GetSyslinuxVersion(char* buf, size_t buf_size, char** ext)
break;
}
// Sanitize the string
for (j=1; j<safe_strlen(p); j++)
// Some people are bound to have slashes in their date strings
if ((p[j] == '/') || (p[j] == '\\') || (p[j] == '*'))
p[j] = '_';
for (j=1; j<safe_strlen(p); j++) {
// Some people are bound to have invalid chars in their date strings
for (k=0; k<sizeof(unauthorized); k++) {
if (p[j] == unauthorized[k])
p[j] = '_';
}
}
// If all we have is a slash, return the empty string for the extra version
*ext = (p[1] == 0)?nullstr:p;
return version;