[net] Check for application update (part 2)

* factorized token parser and added update file parsing
2012-11-12 01:53:34 +00:00 · 2012-11-12 01:53:34 +00:00 · b3ed23647f
parent bc01064678
commit b3ed23647f
7 changed files with 202 additions and 61 deletions
--- a/src/drive.c
+++ b/src/drive.c
@ -170,7 +170,7 @@ BOOL GetDriveLabel(DWORD DriveIndex, char* letter, char** label)
 	// to insert media. Use IOCTL_STORAGE_CHECK_VERIFY to prevent this
 	hPhysical = GetDriveHandle(DriveIndex, NULL, FALSE, FALSE);
 	if (DeviceIoControl(hPhysical, IOCTL_STORAGE_CHECK_VERIFY, NULL, 0, NULL, 0, &size, NULL))
-		AutorunLabel = get_token_data(AutorunPath, "label");
+		AutorunLabel = get_token_data_file("label", AutorunPath);
 	else if (GetLastError() == ERROR_NOT_READY)
 		uprintf("Ignoring autorun.inf label for drive %c: %s\n", *letter,
 		(HRESULT_CODE(GetLastError()) == ERROR_NOT_READY)?"No media":WindowsErrorString());
--- a/src/iso.c
+++ b/src/iso.c
@ -480,7 +480,7 @@ out:
 			safe_sprintf(path, sizeof(path), "/%s/txtsetup.sif", 
 				basedir[((iso_report.winpe&WINPE_I386) == WINPE_I386)?0:1]);
 			ExtractISOFile(src_iso, path, tmp_sif);
-			tmp = get_token_data(tmp_sif, "OsLoadOptions");
+			tmp = get_token_data_file("OsLoadOptions", tmp_sif);
 			if (tmp != NULL) {
 				for (i=0; i<strlen(tmp); i++)
 					tmp[i] = (char)tolower(tmp[i]);
--- a/src/net.c
+++ b/src/net.c
@ -455,12 +455,14 @@ BOOL CheckForUpdates(const char* url)
 		goto out;

 	buf = (char*)calloc(dwTotalSize+1, 1);
-	// Our buffer is always supposed to be large enough, and our read is always supposed to be in one go
+	if (buf == NULL) goto out;
+	// This is a version file, so we should be able to do it in one go
 	if (!InternetReadFile(hRequest, buf, dwTotalSize, &dwDownloaded) || (dwDownloaded != dwTotalSize))
 		goto out;

 	uuprintf("Successfully downloaded version file %s (%d bytes)\n", url, dwTotalSize);
-	uuprintf("%s\n", buf);
+
+	parse_update(buf);
 	r = TRUE;

 out:
--- a/src/parser.c
+++ b/src/parser.c
@ -34,17 +34,80 @@
 #include "rufus.h"
 #include "msapi_utf8.h"

-// Parse a file (ANSI or UTF-8 or UTF-16) and return the data for the first occurence of 'token'
-// The parsed line is of the form: [ ]token[ ]=[ ]["]data["]
-// The returned string is UTF-8 and MUST be freed by the caller
-char* get_token_data(const char* filename, const char* token)
+typedef struct {
+	uint8_t version[4];
+	char* type;				// "release", "beta", "notice"
+	char* platform;			// target platform ("windows", "linux", etc.)
+	char* platform_arch;	// "x86", "x64", "arm"
+	char* platform_min;		// minimum platform version required
+	char* download_url[2];
+	char* release_notes;
+} rufus_update;
+
+
+// Parse a line of UTF-16 text and return the data if it matches the 'token'
+// The parsed line is of the form: [ ]token[ ]=[ ]["]data["][ ] and the line
+// is modified by the parser
+static wchar_t* get_token_data_line(const wchar_t* wtoken, wchar_t* wline)
 {
-	wchar_t *wtoken = NULL, *wfilename = NULL;
-	wchar_t wspace[] = L" \t";
-	wchar_t weol[] = L"\r\n";
+	const wchar_t wspace[] = L" \t";	// The only whitespaces we recognize as such
+	const wchar_t weol[] = L"\r\n";
+	size_t i, r;
+	BOOLEAN quoteth;
+
+	if ((wtoken == NULL) || (wline == NULL) || (wline[0] == 0))
+		return NULL;
+
+	// Eliminate trailing EOL characters
+	wline[wcscspn(wline, weol)] = 0;
+
+	i = 0;
+
+	// Skip leading spaces
+	i += wcsspn(&wline[i], wspace);
+
+	// Our token should begin a line
+	if (_wcsnicmp(&wline[i], wtoken, wcslen(wtoken)) != 0)
+		return NULL;
+
+	// Token was found, move past token
+	i += wcslen(wtoken);
+
+	// Skip spaces
+	i += wcsspn(&wline[i], wspace);
+
+	// Check for an equal sign
+	if (wline[i] != L'=') 
+		return NULL;
+	i++;
+
+	// Skip spaces after equal sign
+	i += wcsspn(&wline[i], wspace);
+
+	// eliminate leading quote, if it exists
+	if (wline[i] == L'"') {
+		quoteth = TRUE;
+		i++;
+	}
+
+	// Keep the starting pos of our data
+	r = i;
+
+	// locate end of string or quote
+	while ( (wline[i] != 0) && ((wline[i] != L'"') || ((wline[i] == L'"') && (!quoteth))) )
+		i++;
+	wline[i] = 0;
+
+	return (wline[r] == 0)?NULL:&wline[r];
+}
+
+// Parse a file (ANSI or UTF-8 or UTF-16) and return the data for the first occurence of 'token'
+// The returned string is UTF-8 and MUST be freed by the caller
+char* get_token_data_file(const char* token, const char* filename)
+{
+	wchar_t *wtoken = NULL, *wdata= NULL, *wfilename = NULL;
 	wchar_t buf[1024];
 	FILE* fd = NULL;
-	size_t i, r;
 	char *ret = NULL;

 	if ((filename == NULL) || (token == NULL))
@ -68,46 +131,11 @@ char* get_token_data(const char* filename, const char* token)
 	// Process individual lines. NUL is always appended.
 	// Ideally, we'd check that our buffer fits the line
 	while (fgetws(buf, ARRAYSIZE(buf), fd) != NULL) {
-
-		// Eliminate trailing EOL characters
-		buf[wcscspn(buf, weol)] = 0;
-
-		i = 0;
-
-		// Skip leading spaces
-		i += wcsspn(&buf[i], wspace);
-
-		// Our token should begin a line
-		if (_wcsnicmp(&buf[i], wtoken, wcslen(wtoken)) != 0)
-			continue;
-
-		// Token was found, move past token
-		i += wcslen(wtoken);
-
-		// Skip spaces
-		i += wcsspn(&buf[i], wspace);
-
-		// Check for an equal sign
-		if (buf[i] != L'=') 
-			continue;
-		i++;
-
-		// Skip spaces after equal sign
-		i += wcsspn(&buf[i], wspace);
-
-		// eliminate leading quote, if it exists
-		if (buf[i] == L'"')
-			i++;
-
-		// Keep the starting pos of our data
-		r = i;
-
-		// locate end of string or quote
-		while ((buf[i] != 0) && (buf[i] != L'"'))
-			i++;
-		buf[i] = 0;
-		ret = wchar_to_utf8(&buf[r]);
-		break;
+		wdata = get_token_data_line(wtoken, buf);
+		if (wdata != NULL) {
+			ret = wchar_to_utf8(wdata);
+			break;
+		}
 	}

 out:
@ -118,6 +146,115 @@ out:
 	return ret;
 }

+// Parse a buffer (ANSI or UTF-8) and return the data for the 'n'th occurence of 'token'
+// The returned string is UTF-8 and MUST be freed by the caller
+char* get_token_data_buffer(const char* token, unsigned int n, const char* buffer, size_t buffer_size)
+{
+	unsigned int j;
+	wchar_t *wtoken = NULL, *wdata = NULL, *wbuffer = NULL, *wline = NULL;
+	size_t i;
+	BOOL done = FALSE;
+	char* ret = NULL;
+
+	// We're handling remote data => better safe than sorry
+	if ((token == NULL) || (buffer == NULL) || (buffer_size <= 4) || (buffer_size > 65536))
+		goto out;
+
+	// Ensure that our buffer is NUL terminated
+	if (buffer[buffer_size-1] != 0)
+		goto out;
+
+	wbuffer = utf8_to_wchar(buffer);
+	wtoken = utf8_to_wchar(token);
+	if ((wbuffer == NULL) || (wtoken == NULL))
+		goto out;
+
+	// Process individual lines
+	for (i=0,j=0,done=FALSE; (j!=n)&&(!done); ) {
+		wline = &wbuffer[i];
+
+		for(;(wbuffer[i]!=L'\n')&&(wbuffer[i]!=L'\r')&&(wbuffer[i]!=0);i++);
+		if (wbuffer[i]==0) {
+			done = TRUE;
+		} else {
+			wbuffer[i++] = 0;
+		}
+		wdata = get_token_data_line(wtoken, wline);
+		if (wdata != NULL) {
+			j++;
+		}
+	}
+out:
+	if (wdata != NULL)
+		ret = wchar_to_utf8(wdata);
+	safe_free(wbuffer);
+	safe_free(wtoken);
+	return ret;
+}
+
+static __inline char* get_sanitized_token_data_buffer(const char* token, unsigned int n, const char* buffer, size_t buffer_size)
+{
+	size_t i;
+	char* data = get_token_data_buffer(token, n, buffer, buffer_size);
+	if (data != NULL) {
+		for (i=0; i<safe_strlen(data); i++) {
+			if ((data[i] == '\\') && (data[i+1] == 'n')) {
+				data[i] = '\r';
+				data[i+1] = '\n';
+			}
+		}
+	}
+	return data;
+}
+
+// Parse an update data file and populates a rufus_update structure.
+// NB: since this is remote data, and we're running elevated, even if it comes from a
+// supposedly trusted server, it *IS* considered potentially malicious, so we treat
+// it as such
+void parse_update(char* buf)
+{
+	size_t i, len = safe_strlen(buf);
+	char *data = NULL, *token;
+	char allowed_chars[] = " \t\r\nabcdefghijklmnopqrstuvwxyz"
+		"ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789!\"$%^&*()-_+=<>(){}[].,:;#@'/?|~";
+	rufus_update update;
+
+	// Sanitize the data - Of course not a silver bullet, but it helps
+	for (i=0; i<len; i++) {
+		// Do not sanitize \n yet
+		// NB: we have a zero terminator, so we can afford a +1 without overflow
+		if ((strchr(allowed_chars, buf[i]) == NULL) && (buf[i] != '\\') && (buf[i+1] != 'n')) {
+			buf[i] = ' ';
+		}
+	}
+
+	if ((data = get_sanitized_token_data_buffer("version", 1, buf, len+1)) != NULL) {
+		for (i=0; (i<4) && ((token = strtok((i==0)?data:NULL, ".")) != NULL); i++) {
+			update.version[i] = (uint8_t)atoi(token);
+		}
+		safe_free(data);
+	}
+	// TODO: use X-Macros?
+	update.type = get_sanitized_token_data_buffer("type", 1, buf, len+1);
+	update.platform = get_sanitized_token_data_buffer("platform", 1, buf, len+1);
+	update.platform_arch = get_sanitized_token_data_buffer("platform_arch", 1, buf, len+1);
+	update.platform_min = get_sanitized_token_data_buffer("platform_min", 1, buf, len+1);
+	for (i=0; i<ARRAYSIZE(update.download_url); i++) {
+		update.download_url[i] = get_sanitized_token_data_buffer("download_url", (unsigned int)i+1, buf, len+1);
+	}
+	update.release_notes = get_sanitized_token_data_buffer("release_notes", 1, buf, len+1);
+
+	uprintf("UPDATE DATA:\n");
+	uprintf("  version: %d.%d.%d.%d\n", update.version[0], update.version[1], update.version[2], update.version[3]);
+	uprintf("  platform: %s\r\n  platform_arch: %s\r\n  platform_min: %s\n", update.platform, update.platform_arch, update.platform_min);
+	for (i=0; i<ARRAYSIZE(update.download_url); i++) {
+		uprintf("  url%d: %s\n", i+1, update.download_url[i]);
+	}
+	uprintf("RELEASE NOTES:\r\n%s\n", update.release_notes);
+
+	// TODO: free all these strings!
+}
+
 // Insert entry 'data' under section 'section' of a config file
 // Section must include the relevant delimitors (eg '[', ']') if needed
 char* insert_section_data(const char* filename, const char* section, const char* data, BOOL dos2unix)
@ -245,7 +382,7 @@ out:
 }

 // Search for a specific 'src' substring the data for all occurences of 'token', and replace
-// if with 'rep'. File can be ANSI or UNICODE and is overwritten. Parameters are UTF-8.
+// it with 'rep'. File can be ANSI or UNICODE and is overwritten. Parameters are UTF-8.
 // The parsed line is of the form: [ ]token[ ]data
 // Returns a pointer to rep if replacement occured, NULL otherwise
 char* replace_in_token_data(const char* filename, const char* token, const char* src, const char* rep, BOOL dos2unix)
--- a/src/registry.h
+++ b/src/registry.h
@ -34,11 +34,11 @@ extern "C" {
 /*
 * List of registry keys used by this application
 */
-// Dispa
 #define REGKEY_VERBOSE_UPDATES      "VerboseUpdateCheck"
 #define REGKEY_DISABLE_UPDATES      "DisableUpdateCheck"
 #define REGKEY_LAST_UPDATE          "LastUpdateCheck"
 #define REGKEY_UPDATE_INTERVAL      "UpdateCheckInterval"
+#define REGKEY_LAST_VERSION_SEEN    "LastVersionSeen"


 /* Read a generic registry key value (create the app key if it doesn't exist) */
--- a/src/rufus.h
+++ b/src/rufus.h
@ -240,9 +240,11 @@ extern LONG GetEntryWidth(HWND hDropDown, const char* entry);
 extern BOOL DownloadFile(const char* url, const char* file);
 extern BOOL CheckForUpdates(const char* url);
 extern BOOL IsShown(HWND hDlg);
-extern char* get_token_data(const char* filename, const char* token);
+extern char* get_token_data_file(const char* token, const char* filename);
+extern char* get_token_data_buffer(const char* token, unsigned int n, const char* buffer, size_t buffer_size);
 extern char* insert_section_data(const char* filename, const char* section, const char* data, BOOL dos2unix);
 extern char* replace_in_token_data(const char* filename, const char* token, const char* src, const char* rep, BOOL dos2unix);
+extern void parse_update(char* buf);

 __inline static BOOL UnlockDrive(HANDLE hDrive)
 {
--- a/src/rufus.rc
+++ b/src/rufus.rc
@ -30,7 +30,7 @@ LANGUAGE LANG_ENGLISH, SUBLANG_NEUTRAL
 IDD_DIALOG DIALOGEX 12, 12, 206, 316
 STYLE DS_SETFONT | DS_MODALFRAME | DS_FIXEDSYS | DS_CENTER | WS_POPUP | WS_CAPTION | WS_SYSMENU
 EXSTYLE WS_EX_APPWINDOW
-CAPTION "Rufus v1.2.0.192"
+CAPTION "Rufus v1.2.0.193"
 FONT 8, "MS Shell Dlg", 400, 0, 0x1
 BEGIN
    DEFPUSHBUTTON   "Start",IDC_START,94,278,50,14
@ -77,7 +77,7 @@ BEGIN
    DEFPUSHBUTTON   "OK",IDOK,231,175,50,14,WS_GROUP
    CONTROL         "<a href=""http://rufus.akeo.ie"">http://rufus.akeo.ie</a>",IDC_ABOUT_RUFUS_URL,
                    "SysLink",WS_TABSTOP,46,47,114,9
-    LTEXT           "Version 1.2.0 (Build 192)",IDC_STATIC,46,19,78,8
+    LTEXT           "Version 1.2.0 (Build 193)",IDC_STATIC,46,19,78,8
    PUSHBUTTON      "License...",IDC_ABOUT_LICENSE,46,175,50,14,WS_GROUP
    CONTROL         "",IDC_ABOUT_COPYRIGHTS,"RichEdit20W",ES_MULTILINE | ES_READONLY | WS_VSCROLL,46,107,235,63,WS_EX_STATICEDGE
    LTEXT           "Report bugs or request enhancements at:",IDC_STATIC,46,66,187,8
@ -237,8 +237,8 @@ END
 //

 VS_VERSION_INFO VERSIONINFO
- FILEVERSION 1,2,0,192
- PRODUCTVERSION 1,2,0,192
+ FILEVERSION 1,2,0,193
+ PRODUCTVERSION 1,2,0,193
 FILEFLAGSMASK 0x3fL
 #ifdef _DEBUG
 FILEFLAGS 0x1L
@ -255,13 +255,13 @@ BEGIN
        BEGIN
            VALUE "CompanyName", "akeo.ie"
            VALUE "FileDescription", "Rufus"
-            VALUE "FileVersion", "1.2.0.192"
+            VALUE "FileVersion", "1.2.0.193"
            VALUE "InternalName", "Rufus"
            VALUE "LegalCopyright", "© 2011 Pete Batard (GPL v3)"
            VALUE "LegalTrademarks", "http://www.gnu.org/copyleft/gpl.html"
            VALUE "OriginalFilename", "rufus.exe"
            VALUE "ProductName", "Rufus"
-            VALUE "ProductVersion", "1.2.0.192"
+            VALUE "ProductVersion", "1.2.0.193"
        END
    END
    BLOCK "VarFileInfo"