From e0fb91cabb9118bf579b8bc2a425500c39d91407 Mon Sep 17 00:00:00 2001
From: Pete Batard <pete@akeo.ie>
Date: Thu, 5 Dec 2013 12:24:20 +0000
Subject: [PATCH] [loc] add a validity check for the loc file (DOS mode, no
 BOM)

* Closes #238
---
 src/parser.c | 20 +++++++++++++++++++-
 src/rufus.rc | 10 +++++-----
 2 files changed, 24 insertions(+), 6 deletions(-)

diff --git a/src/parser.c b/src/parser.c
index 68d2b2c0..5f3e71ba 100644
--- a/src/parser.c
+++ b/src/parser.c
@@ -212,7 +212,7 @@ FILE* open_loc_file(const char* filename)
 		uprintf("localization: could not convert '%s' filename to UTF-16\n", filename);
 		goto out;
 	}
-	fd = _wfopen(wfilename, L"r");
+	fd = _wfopen(wfilename, L"rb");
 	if (fd == NULL) {
 		uprintf("localization: could not open '%s'\n", filename);
 	}
@@ -241,6 +241,24 @@ BOOL get_supported_locales(const char* filename)
 	if (fd == NULL)
 		goto out;
 
+	// Check that the file doesn't contain a BOM and was saved in DOS mode
+	i = fread(line, 1, sizeof(line), fd);
+	if (i < sizeof(line)) {
+		uprintf("Invalid loc file: the file is too small!");
+		goto out;
+	}
+	if (((uint8_t)line[0]) > 0x80) {
+		uprintf("Invalid loc file: the file should not have a BOM (Byte Order Mark)");
+		goto out;
+	}
+	for (i=0; i<sizeof(line)-1; i++)
+		if ((((uint8_t)line[i]) == 0x0D) && (((uint8_t)line[i+1]) == 0x0A)) break;
+	if (i >= sizeof(line)-1) {
+		uprintf("Invalid loc file: the file MUST be saved in DOS mode (CR/LF)");
+		goto out;
+	}
+	fseek(fd, 0, SEEK_SET);
+
 	loc_line_nr = 0;
 	line[0] = 0;
 	free_locale_list();
diff --git a/src/rufus.rc b/src/rufus.rc
index 806870e4..56ff8a4e 100644
--- a/src/rufus.rc
+++ b/src/rufus.rc
@@ -33,7 +33,7 @@ LANGUAGE LANG_NEUTRAL, SUBLANG_NEUTRAL
 IDD_DIALOG DIALOGEX 12, 12, 206, 329
 STYLE DS_SETFONT | DS_MODALFRAME | DS_FIXEDSYS | DS_CENTER | WS_POPUP | WS_CAPTION | WS_SYSMENU
 EXSTYLE WS_EX_APPWINDOW
-CAPTION "Rufus v1.4.0.346"
+CAPTION "Rufus v1.4.1.347"
 FONT 8, "MS Shell Dlg", 400, 0, 0x1
 BEGIN
     DEFPUSHBUTTON   "Start",IDC_START,94,291,50,14
@@ -288,8 +288,8 @@ END
 //
 
 VS_VERSION_INFO VERSIONINFO
- FILEVERSION 1,4,0,346
- PRODUCTVERSION 1,4,0,346
+ FILEVERSION 1,4,1,347
+ PRODUCTVERSION 1,4,1,347
  FILEFLAGSMASK 0x3fL
 #ifdef _DEBUG
  FILEFLAGS 0x1L
@@ -306,13 +306,13 @@ BEGIN
         BEGIN
             VALUE "CompanyName", "Akeo Consulting (http://akeo.ie)"
             VALUE "FileDescription", "Rufus"
-            VALUE "FileVersion", "1.4.0.346"
+            VALUE "FileVersion", "1.4.1.347"
             VALUE "InternalName", "Rufus"
             VALUE "LegalCopyright", "© 2011-2013 Pete Batard (GPL v3)"
             VALUE "LegalTrademarks", "http://www.gnu.org/copyleft/gpl.html"
             VALUE "OriginalFilename", "rufus.exe"
             VALUE "ProductName", "Rufus"
-            VALUE "ProductVersion", "1.4.0.346"
+            VALUE "ProductVersion", "1.4.1.347"
         END
     END
     BLOCK "VarFileInfo"