From ce2aa639f448e4585e953fd14292dc0a9c5c4d86 Mon Sep 17 00:00:00 2001
From: Mounir IDRASSI <mounir.idrassi@idrix.fr>
Date: Sun, 11 Jun 2017 17:26:42 +0200
Subject: Windows: various fixes following Coverity analysis.

---
 src/Common/Dlgcode.c | 158 +++++++++++++++++++++++++++++++++++----------------
 1 file changed, 109 insertions(+), 49 deletions(-)

(limited to 'src/Common/Dlgcode.c')

diff --git a/src/Common/Dlgcode.c b/src/Common/Dlgcode.c
index af3bec0b..31d05944 100644
--- a/src/Common/Dlgcode.c
+++ b/src/Common/Dlgcode.c
@@ -547,6 +547,20 @@ size_t TrimWhiteSpace(wchar_t *str)
   return out_size;
 }
 
+BOOL IsNullTerminateString (const wchar_t* str, size_t cbSize)
+{
+	if (str && cbSize)
+	{
+		for (size_t i = 0; i < cbSize; i++)
+		{
+			if (str[i] == 0)
+				return TRUE;
+		}
+	}
+
+	return FALSE;
+}
+
 // check the validity of a file name
 BOOL IsValidFileName(const wchar_t* str)
 {
@@ -8212,9 +8226,14 @@ BOOL IsMountedVolumeID (BYTE volumeID[VOLUME_ID_SIZE])
 	int i;
 
 	memset (&mlist, 0, sizeof (mlist));
-	DeviceIoControl (hDriver, TC_IOCTL_GET_MOUNTED_VOLUMES, &mlist,
-		sizeof (mlist), &mlist, sizeof (mlist), &dwResult,
-		NULL);
+	if (	!DeviceIoControl (hDriver, TC_IOCTL_GET_MOUNTED_VOLUMES, &mlist,
+				sizeof (mlist), &mlist, sizeof (mlist), &dwResult,
+				NULL) 
+		|| (mlist.ulMountedDrives >= (1 << 26))
+		)
+	{
+		return FALSE; 
+	}
 
 	if (mlist.ulMountedDrives)
 	{
@@ -8256,16 +8275,26 @@ BOOL IsMountedVolume (const wchar_t *volname)
 			StringCbCopyW (volume, sizeof (volume), resolvedPath.c_str());
 
 		memset (&mlist, 0, sizeof (mlist));
-		DeviceIoControl (hDriver, TC_IOCTL_GET_MOUNTED_VOLUMES, &mlist,
-			sizeof (mlist), &mlist, sizeof (mlist), &dwResult,
-			NULL);
+		if (	!DeviceIoControl (hDriver, TC_IOCTL_GET_MOUNTED_VOLUMES, &mlist,
+					sizeof (mlist), &mlist, sizeof (mlist), &dwResult,
+					NULL) 
+			|| (mlist.ulMountedDrives >= (1 << 26))
+			)
+		{
+			return FALSE; 
+		}
 
 		if (mlist.ulMountedDrives)
 		{
 			for (i=0 ; i<26; i++)
 			{
-				if ((mlist.ulMountedDrives & (1 << i)) && (0 == _wcsicmp ((wchar_t *) mlist.wszVolume[i], volume)))
+				if ((mlist.ulMountedDrives & (1 << i)) 
+					&& IsNullTerminateString (mlist.wszVolume[i], TC_MAX_PATH) 
+					&& (0 == _wcsicmp ((wchar_t *) mlist.wszVolume[i], volume))
+					)
+				{
 					return TRUE;
+				}
 			}
 		}
 	}
@@ -8294,16 +8323,26 @@ int GetMountedVolumeDriveNo (wchar_t *volname)
 		StringCbCopyW (volume, sizeof (volume), resolvedPath.c_str());
 
 	memset (&mlist, 0, sizeof (mlist));
-	DeviceIoControl (hDriver, TC_IOCTL_GET_MOUNTED_VOLUMES, &mlist,
-		sizeof (mlist), &mlist, sizeof (mlist), &dwResult,
-		NULL);
+	if (	!DeviceIoControl (hDriver, TC_IOCTL_GET_MOUNTED_VOLUMES, &mlist,
+				sizeof (mlist), &mlist, sizeof (mlist), &dwResult,
+				NULL) 
+		|| (mlist.ulMountedDrives >= (1 << 26))
+		)
+	{
+		return -1; 
+	}
 
 	if (mlist.ulMountedDrives)
 	{
 		for (i=0 ; i<26; i++)
 		{
-			if ((mlist.ulMountedDrives & (1 << i)) && (0 == _wcsicmp ((wchar_t *) mlist.wszVolume[i], (WCHAR *)volume)))
+			if ((mlist.ulMountedDrives & (1 << i)) 
+				&& IsNullTerminateString (mlist.wszVolume[i], TC_MAX_PATH)
+				&& (0 == _wcsicmp ((wchar_t *) mlist.wszVolume[i], (WCHAR *)volume))
+				)
+			{
 				return i;
+			}
 		}
 	}
 
@@ -8425,7 +8464,7 @@ BOOL GetDriveGeometry (const wchar_t *deviceName, PDISK_GEOMETRY_EX diskGeometry
 
 	if (bResult && (dwResult == sizeof (dg)) && dg.diskGeometry.BytesPerSector)
 	{
-		ZeroMemory (diskGeometry, sizeof (PDISK_GEOMETRY_EX));
+		ZeroMemory (diskGeometry, sizeof (DISK_GEOMETRY_EX));
 		memcpy (&diskGeometry->Geometry, &dg.diskGeometry, sizeof (DISK_GEOMETRY));
 		diskGeometry->DiskSize.QuadPart = dg.DiskSize.QuadPart;
 		return TRUE;
@@ -9341,11 +9380,19 @@ LRESULT ListSubItemSet (HWND list, int index, int subIndex, const wchar_t *strin
 BOOL GetMountList (MOUNT_LIST_STRUCT *list)
 {
 	DWORD dwResult;
+	MOUNT_LIST_STRUCT localList = {0};
 
-	memset (list, 0, sizeof (*list));
-	return DeviceIoControl (hDriver, TC_IOCTL_GET_MOUNTED_VOLUMES, list,
-		sizeof (*list), list, sizeof (*list), &dwResult,
-		NULL);
+	if ( list && DeviceIoControl (hDriver, TC_IOCTL_GET_MOUNTED_VOLUMES, &localList,
+			sizeof (localList), &localList, sizeof (localList), &dwResult,
+			NULL)
+			&& (localList.ulMountedDrives < (1 << 26))
+		)
+	{
+		memcpy (list, &localList, sizeof (MOUNT_LIST_STRUCT));
+		return TRUE;
+	}
+	else
+		return FALSE;
 }
 
 
@@ -11853,44 +11900,47 @@ std::vector <HostDevice> GetHostRawDeviceList ()
 				NULL ) && ( ERROR_INSUFFICIENT_BUFFER == GetLastError()))
 			{
 				deviceInterfaceDetailData = ( PSP_DEVICE_INTERFACE_DETAIL_DATA ) malloc( requiredSize );
-				ZeroMemory( deviceInterfaceDetailData, requiredSize );
-				deviceInterfaceDetailData->cbSize = sizeof( SP_DEVICE_INTERFACE_DETAIL_DATA );
-				if (SetupDiGetDeviceInterfaceDetail( diskClassDevices,
-					&deviceInterfaceData,
-					deviceInterfaceDetailData,
-					requiredSize,
-					NULL,
-					NULL ))
+				if (deviceInterfaceDetailData)
 				{
-					HANDLE disk = CreateFile( deviceInterfaceDetailData->DevicePath,
-						0,
-						FILE_SHARE_READ | FILE_SHARE_WRITE,
+					ZeroMemory( deviceInterfaceDetailData, requiredSize );
+					deviceInterfaceDetailData->cbSize = sizeof( SP_DEVICE_INTERFACE_DETAIL_DATA );
+					if (SetupDiGetDeviceInterfaceDetail( diskClassDevices,
+						&deviceInterfaceData,
+						deviceInterfaceDetailData,
+						requiredSize,
 						NULL,
-						OPEN_EXISTING,
-						0,
-						NULL );
-					if ( INVALID_HANDLE_VALUE != disk)
+						NULL ))
 					{
-						if (DeviceIoControl( disk,
-							IOCTL_STORAGE_GET_DEVICE_NUMBER,
+						HANDLE disk = CreateFile( deviceInterfaceDetailData->DevicePath,
+							0,
+							FILE_SHARE_READ | FILE_SHARE_WRITE,
 							NULL,
+							OPEN_EXISTING,
 							0,
-							&diskNumber,
-							sizeof( STORAGE_DEVICE_NUMBER ),
-							&bytesReturned,
-							NULL ))
+							NULL );
+						if ( INVALID_HANDLE_VALUE != disk)
 						{
-							HostDevice device;
-							device.Path = deviceInterfaceDetailData->DevicePath;
-							device.SystemNumber = diskNumber.DeviceNumber;
-							list.push_back (device);
-						}
+							if (DeviceIoControl( disk,
+								IOCTL_STORAGE_GET_DEVICE_NUMBER,
+								NULL,
+								0,
+								&diskNumber,
+								sizeof( STORAGE_DEVICE_NUMBER ),
+								&bytesReturned,
+								NULL ))
+							{
+								HostDevice device;
+								device.Path = deviceInterfaceDetailData->DevicePath;
+								device.SystemNumber = diskNumber.DeviceNumber;
+								list.push_back (device);
+							}
 
-						CloseHandle( disk );
+							CloseHandle( disk );
+						}
 					}
-				}
 
-				free (deviceInterfaceDetailData);
+					free (deviceInterfaceDetailData);
+				}
 			}
 		}
 
@@ -12107,16 +12157,26 @@ wstring FindDeviceByVolumeID (const BYTE volumeID [VOLUME_ID_SIZE])
 	DWORD dwResult;
 
 	memset (&mlist, 0, sizeof (mlist));
-	DeviceIoControl (hDriver, TC_IOCTL_GET_MOUNTED_VOLUMES, &mlist,
-		sizeof (mlist), &mlist, sizeof (mlist), &dwResult,
-		NULL);
+	if (	!DeviceIoControl (hDriver, TC_IOCTL_GET_MOUNTED_VOLUMES, &mlist,
+				sizeof (mlist), &mlist, sizeof (mlist), &dwResult,
+				NULL) 
+		|| (mlist.ulMountedDrives >= (1 << 26))
+		)
+	{
+		return L""; 
+	}
 
 	if (mlist.ulMountedDrives)
 	{
 		for (int i=0 ; i < 26; i++)
 		{
 			if ((mlist.ulMountedDrives & (1 << i)) && (0 == memcmp (mlist.volumeID[i], volumeID, VOLUME_ID_SIZE)))
-				return mlist.wszVolume[i];
+			{
+				if (IsNullTerminateString (mlist.wszVolume[i], TC_MAX_PATH))
+					return mlist.wszVolume[i];
+				else
+					return L"";
+			}
 		}
 	}
 
-- 
cgit v1.2.3