From 6b433c7fc081fdd2c21c30650fdb134e8cd4d52a Mon Sep 17 00:00:00 2001 From: Pete Batard Date: Thu, 20 Nov 2014 23:00:59 +0000 Subject: [PATCH] [iso] fix sanitization of paths during ISO during extraction * Also add sanitization for Syslinux downloaded content * Also factorize printout of extracted file * Closes #397 --- src/iso.c | 110 ++++++++++++++++++++++++++++--------------------- src/rufus.rc | 16 +++---- src/syslinux.c | 14 ++++--- 3 files changed, 81 insertions(+), 59 deletions(-) diff --git a/src/iso.c b/src/iso.c index 54cded8b..888f1e63 100644 --- a/src/iso.c +++ b/src/iso.c @@ -82,18 +82,25 @@ static BOOL scan_only = FALSE; static StrArray config_path, isolinux_path; // Ensure filenames do not contain invalid FAT32 or NTFS characters -static __inline BOOL sanitize_filename(char* filename) +static __inline char* sanitize_filename(char* filename, BOOL* is_identical) { size_t i, j; - BOOL ret = FALSE; + char* ret = NULL; char unauthorized[] = {'<', '>', ':', '|', '*', '?'}; + *is_identical = TRUE; + ret = safe_strdup(filename); + if (ret == NULL) { + uprintf("Couldn't allocate string for sanitized path"); + return NULL; + } + // Must start after the drive part (D:\...) so that we don't eliminate the first column - for (i=2; ifilename, psz_basename, i_joliet_level); } if (p_statbuf->type == _STAT_DIR) { - if (!scan_only) IGNORE_RETVAL(_mkdirU(psz_fullpath)); + if (!scan_only) { + psz_sanpath = sanitize_filename(psz_fullpath, &is_identical); + IGNORE_RETVAL(_mkdirU(psz_sanpath)); + safe_free(psz_sanpath); + } if (iso_extract_files(p_iso, psz_iso_name)) goto out; } else { @@ -431,18 +458,7 @@ static int iso_extract_files(iso9660_t* p_iso, const char *psz_path) if (check_iso_props(psz_path, &is_syslinux_cfg, is_old_c32, i_file_length, psz_basename, psz_fullpath)) { continue; } - // Replace slashes with backslashes and append the size to the path for UI display - nul_pos = safe_strlen(psz_fullpath); - for (i=0; irr.psz_symlink); safe_free(p_statbuf->rr.psz_symlink); } - file_handle = CreateFileU(psz_fullpath, GENERIC_READ | GENERIC_WRITE, + file_handle = CreateFileU(psz_sanpath, GENERIC_READ | GENERIC_WRITE, FILE_SHARE_READ|FILE_SHARE_WRITE, NULL, CREATE_ALWAYS, FILE_ATTRIBUTE_NORMAL, NULL); if (file_handle == INVALID_HANDLE_VALUE) { err = GetLastError(); uprintf(" Unable to create file: %s\n", WindowsErrorString()); - if ((err == ERROR_ACCESS_DENIED) && (safe_strcmp(&psz_fullpath[3], autorun_name) == 0)) + if ((err == ERROR_ACCESS_DENIED) && (safe_strcmp(&psz_sanpath[3], autorun_name) == 0)) uprintf(stupid_antivirus); else goto out; @@ -500,7 +517,8 @@ static int iso_extract_files(iso9660_t* p_iso, const char *psz_path) } ISO_BLOCKING(safe_closehandle(file_handle)); if (is_syslinux_cfg) - fix_syslinux(psz_fullpath, psz_path, psz_basename); + fix_syslinux(psz_sanpath, psz_path, psz_basename); + safe_free(psz_sanpath); } } r = 0; diff --git a/src/rufus.rc b/src/rufus.rc index 927cb16d..ce87e53d 100644 --- a/src/rufus.rc +++ b/src/rufus.rc @@ -32,7 +32,7 @@ LANGUAGE LANG_NEUTRAL, SUBLANG_NEUTRAL IDD_DIALOG DIALOGEX 12, 12, 242, 329 STYLE DS_SETFONT | DS_MODALFRAME | DS_FIXEDSYS | DS_CENTER | WS_MINIMIZEBOX | WS_POPUP | WS_CAPTION | WS_SYSMENU -CAPTION "Rufus 1.5.0.546" +CAPTION "Rufus 1.5.0.547" FONT 8, "Segoe UI", 400, 0, 0x1 BEGIN DEFPUSHBUTTON "Start",IDC_START,127,291,50,14 @@ -164,7 +164,7 @@ END IDD_DIALOG_XP DIALOGEX 12, 12, 242, 329 STYLE DS_SETFONT | DS_MODALFRAME | DS_FIXEDSYS | DS_CENTER | WS_MINIMIZEBOX | WS_POPUP | WS_CAPTION | WS_SYSMENU -CAPTION "Rufus 1.5.0.546" +CAPTION "Rufus 1.5.0.547" FONT 8, "MS Shell Dlg", 400, 0, 0x1 BEGIN DEFPUSHBUTTON "Start",IDC_START,127,291,50,14 @@ -297,7 +297,7 @@ END IDD_DIALOG_RTL DIALOGEX 12, 12, 242, 329 STYLE DS_SETFONT | DS_MODALFRAME | DS_FIXEDSYS | DS_CENTER | WS_MINIMIZEBOX | WS_POPUP | WS_CAPTION | WS_SYSMENU EXSTYLE WS_EX_RTLREADING | WS_EX_APPWINDOW | WS_EX_LAYOUTRTL -CAPTION "Rufus 1.5.0.546" +CAPTION "Rufus 1.5.0.547" FONT 8, "Segoe UI", 400, 0, 0x1 BEGIN DEFPUSHBUTTON "Start",IDC_START,127,291,50,14 @@ -437,7 +437,7 @@ END IDD_DIALOG_RTL_XP DIALOGEX 12, 12, 242, 329 STYLE DS_SETFONT | DS_MODALFRAME | DS_FIXEDSYS | DS_CENTER | WS_MINIMIZEBOX | WS_POPUP | WS_CAPTION | WS_SYSMENU EXSTYLE WS_EX_RTLREADING | WS_EX_APPWINDOW | WS_EX_LAYOUTRTL -CAPTION "Rufus 1.5.0.546" +CAPTION "Rufus 1.5.0.547" FONT 8, "MS Shell Dlg", 400, 0, 0x1 BEGIN DEFPUSHBUTTON "Start",IDC_START,127,291,50,14 @@ -701,8 +701,8 @@ END // VS_VERSION_INFO VERSIONINFO - FILEVERSION 1,5,0,546 - PRODUCTVERSION 1,5,0,546 + FILEVERSION 1,5,0,547 + PRODUCTVERSION 1,5,0,547 FILEFLAGSMASK 0x3fL #ifdef _DEBUG FILEFLAGS 0x1L @@ -719,13 +719,13 @@ BEGIN BEGIN VALUE "CompanyName", "Akeo Consulting (http://akeo.ie)" VALUE "FileDescription", "Rufus" - VALUE "FileVersion", "1.5.0.546" + VALUE "FileVersion", "1.5.0.547" VALUE "InternalName", "Rufus" VALUE "LegalCopyright", "© 2011-2014 Pete Batard (GPL v3)" VALUE "LegalTrademarks", "http://www.gnu.org/copyleft/gpl.html" VALUE "OriginalFilename", "rufus.exe" VALUE "ProductName", "Rufus" - VALUE "ProductVersion", "1.5.0.546" + VALUE "ProductVersion", "1.5.0.547" END END BLOCK "VarFileInfo" diff --git a/src/syslinux.c b/src/syslinux.c index ce7341d7..15c414d7 100644 --- a/src/syslinux.c +++ b/src/syslinux.c @@ -339,11 +339,12 @@ out: uint16_t GetSyslinuxVersion(char* buf, size_t buf_size, char** ext) { - size_t i, j; + size_t i, j, k; char *p; uint16_t version; const char LINUX[] = { 'L', 'I', 'N', 'U', 'X', ' ' }; static char* nullstr = ""; + char unauthorized[] = {'<', '>', ':', '|', '*', '?', '\\', '/'}; *ext = nullstr; if (buf_size < 256) @@ -379,10 +380,13 @@ uint16_t GetSyslinuxVersion(char* buf, size_t buf_size, char** ext) break; } // Sanitize the string - for (j=1; j