Changeset 107901 in vbox

Timestamp:

Jan 22, 2025 10:21:48 PM (2 weeks ago)

Author:

vboxsync

Message:

Windows driver installation: Fixed incorrect size passed to SetupDiGetINFClassW in VBoxWinDrvInfOpen and RTUtf16Copy+RTUtf16Cat in VBoxWinDrvInfQueryModelEx; tried to fix bogus key+value parsing in VBoxWinDrvInfQuerySectionVerEx. bugref:10762

Location:

trunk

Files:

• include/VBox/GuestHost/VBoxWinDrvDefs.h (modified) (3 diffs)
• include/VBox/GuestHost/VBoxWinDrvStore.h (modified) (6 diffs)
• src/VBox/GuestHost/installation/VBoxWinDrvCommon.cpp (modified) (16 diffs)
• src/VBox/GuestHost/installation/VBoxWinDrvCommon.h (modified) (1 diff)

trunk/include/VBox/GuestHost/VBoxWinDrvDefs.h

@@ -1 +1 @@
 /* $Id$ */
 /** @file
- * VBoxWinDrvDefs - Common definitions for Windows driver functions.
+ * VBoxWinDrvDefs - Common definitions for Windows driver installation functions.
  */
 
@@ -85 +85 @@
  * Structure for keeping INF Version section information.
  */
-typedef struct _VBOXWINDRVINFSEC_VERSION
+typedef struct VBOXWINDRVINFSECVERSION
 {
     /** Catalog (.cat) file. */
@@ -93 +93 @@
     /** Provider name. */
     RTUTF16 wszProvider[VBOXWINDRVINF_MAX_PROVIDER_NAME_LEN];
-} VBOXWINDRVINFSEC_VERSION;
+} VBOXWINDRVINFSECVERSION;
 /** Pointer to structure for keeping INF Version section information. */
-typedef VBOXWINDRVINFSEC_VERSION *PVBOXWINDRVINFSEC_VERSION;
+typedef VBOXWINDRVINFSECVERSION *PVBOXWINDRVINFSECVERSION;
 
 #endif /* !VBOX_INCLUDED_GuestHost_VBoxWinDrvDefs_h */

trunk/include/VBox/GuestHost/VBoxWinDrvStore.h

@@ -57 +57 @@
  * Structure for keeping a generic Windows driver store list.
  */
-typedef struct _VBOXWINDRVSTORELIST
+typedef struct VBOXWINDRVSTORELIST
 {
     /** List node. */
@@ -70 +70 @@
  * Structure for keeping a Windows driver store entry.
  */
-typedef struct _VBOXWINDRVSTOREENTRY
+typedef struct VBOXWINDRVSTOREENTRY
 {
     RTLISTNODE Node;
     /** Version section information. */
-    VBOXWINDRVINFSEC_VERSION Ver;
+    VBOXWINDRVINFSECVERSION  Ver;
     /** Full path to the oemXXX.inf file within the driver store. */
     RTUTF16                  wszInfFile[RTPATH_MAX];
@@ -90 +90 @@
 typedef VBOXWINDRVSTOREENTRY *PVBOXWINDRVSTOREENTRY;
 
-struct _VBOXWINDRVSTORE;
+struct VBOXWINDRVSTORE;
 /** Pointer to Windows driver store instance data. */
-typedef struct _VBOXWINDRVSTORE *PVBOXWINDRVSTORE;
+typedef struct VBOXWINDRVSTORE *PVBOXWINDRVSTORE;
 
 /**
  * Interface for a Windows driver store implementation.
  */
-typedef struct _VBOXWINDRVSTOREIFACE
+typedef struct VBOXWINDRVSTOREIFACE
 {
     /**
@@ -133 +133 @@
  * Enumeration for a driver store backend.
  */
-typedef enum _VBOXWINDRVSTOREBACKENDTYPE
+typedef enum VBOXWINDRVSTOREBACKENDTYPE
 {
     /** Invalid. */
@@ -146 +146 @@
  * Currently only the (local) file system backend is supported.
  */
-typedef struct _VBOXWINDRVSTOREBACKEND
+typedef struct VBOXWINDRVSTOREBACKEND
 {
     VBOXWINDRVSTOREBACKENDTYPE enmType;
@@ -165 +165 @@
  * Structure for keeping Windows driver store instance data.
  */
-typedef struct _VBOXWINDRVSTORE
+typedef struct VBOXWINDRVSTORE
 {
     /** The current list of drivers. */

trunk/src/VBox/GuestHost/installation/VBoxWinDrvCommon.cpp

@@ -1 +1 @@
 /* $Id$ */
 /** @file
- * VBoxWinDrvCommon - Common Windows driver functions.
+ * VBoxWinDrvCommon - Common Windows driver installation functions.
  */
 
@@ -52 +52 @@
 
 /*********************************************************************************************************************************
-*   Defines                                                                                                                      *
-*********************************************************************************************************************************/
-
-
-/*********************************************************************************************************************************
-*   Defined Constants And Macros                                                                                                 *
-*********************************************************************************************************************************/
-
-
-/*********************************************************************************************************************************
 *   Prototypes                                                                                                                   *
 *********************************************************************************************************************************/
@@ -77 +67 @@
 VBOXWINDRVINFTYPE VBoxWinDrvInfGetTypeEx(HINF hInf, PRTUTF16 *ppwszSection)
 {
+    if (ppwszSection)
+        *ppwszSection = NULL;
+
     /*
      * Regular driver?
@@ -133 +126 @@
     if (   pwszManufacturerSection
         && pwszPrimitiveSection)
-    {
         return VBOXWINDRVINFTYPE_INVALID;
-    }
-    else if (pwszManufacturerSection)
+    if (pwszManufacturerSection)
     {
         if (ppwszSection)
             *ppwszSection = RTUtf16Dup(pwszManufacturerSection);
-
         return VBOXWINDRVINFTYPE_NORMAL;
     }
-    else if (pwszPrimitiveSection)
+    if (pwszPrimitiveSection)
     {
         if (ppwszSection)
             *ppwszSection = RTUtf16Dup(pwszPrimitiveSection);
-
         return VBOXWINDRVINFTYPE_PRIMITIVE;
     }
@@ -189 +178 @@
  * @param   iValue              Index to query.
  * @param   ppwszValue          Where to return the value on success.
- * @param   pcwcValue           Where to return the number of characters for \a ppwszValue. Optional an can be NULL.
+ * @param   pcwcValue           Where to return the number of characters in the
+ *                              string returned via \a ppwszValue, including the
+ *                              zero terminator. Optional and can be NULL.
  */
 int VBoxWinDrvInfQueryKeyValue(PINFCONTEXT pCtx, DWORD iValue, PRTUTF16 *ppwszValue, PDWORD pcwcValue)
@@ -231 +222 @@
  *                              Currently only the first model (index 0) is supported.
  * @param   ppwszValue          Where to return the model name on success.
- * @param   pcwcValue           Where to return the number of characters for \a ppwszValue. Optional an can be NULL.
+ * @param   pcwcValue           Where to return the number of characters in the
+ *                              string returned via \a ppwszValue, including the
+ *                              zero terminator. Optional and can be NULL.
  */
 int VBoxWinDrvInfQueryModelEx(HINF hInf, PCRTUTF16 pwszSection, unsigned uIndex, PRTUTF16 *ppwszValue, PDWORD pcwcValue)
 {
-    AssertPtrReturn(pwszSection, VERR_INVALID_POINTER);
-    AssertReturn(uIndex == 0, VERR_INVALID_PARAMETER);
-
     *ppwszValue = NULL;
     if (pcwcValue)
         *pcwcValue = 0;
-
-    int rc = VINF_SUCCESS;
+    AssertPtrReturn(pwszSection, VERR_INVALID_POINTER);
+    AssertReturn(uIndex == 0, VERR_INVALID_PARAMETER);
 
     INFCONTEXT InfCtx;
-    rc = vboxWinDrvInfQueryContext(hInf, pwszSection, NULL, &InfCtx);
+    int rc = vboxWinDrvInfQueryContext(hInf, pwszSection, NULL, &InfCtx);
     if (RT_FAILURE(rc))
         return rc;
@@ -255 +245 @@
         return rc;
 
-    PRTUTF16 pwszResult = NULL;
-    DWORD    cwcResult  = 0;
-
     PRTUTF16 pwszPlatform = NULL;
     DWORD    cwcPlatform;
@@ -270 +257 @@
         {
             RTUTF16 wszSection[VBOXWINDRVINF_MAX_SECTION_NAME_LEN];
-            rc = RTUtf16Copy(wszSection, sizeof(wszSection), pwszModel);
+            rc = RTUtf16Copy(wszSection, RT_ELEMENTS(wszSection), pwszModel);
             if (RT_SUCCESS(rc))
             {
-                rc = RTUtf16Cat(wszSection, sizeof(wszSection), VBOXWINDRVINF_DECORATION_SEP_UTF16_STR);
+                rc = RTUtf16Cat(wszSection, RT_ELEMENTS(wszSection), VBOXWINDRVINF_DECORATION_SEP_UTF16_STR);
                 if (RT_SUCCESS(rc))
                 {
-                    rc = RTUtf16Cat(wszSection, sizeof(wszSection), pwszPlatform);
+                    rc = RTUtf16Cat(wszSection, RT_ELEMENTS(wszSection), pwszPlatform);
                     if (RT_SUCCESS(rc))
                     {
-                        pwszResult = RTUtf16Dup(wszSection);
+                        /** @todo r=bird: Mixing RTMemAlloc and RTUtf16Dup/RTUtf16Alloc is not
+                         *        allowed because of RTMEM_WRAP_TO_EF_APIS and other reasons!  */
+                        PRTUTF16 pwszResult = RTUtf16Dup(wszSection);
                         if (pwszResult)
                         {
-                            cwcResult = (DWORD)RTUtf16Len(wszSection);
+                            *ppwszValue = pwszResult;
+                            if (pcwcValue)
+                                *pcwcValue = (DWORD)(RTUtf16Len(wszSection) + 1);
                         }
                         else
@@ -292 +283 @@
         else
             rc = VERR_PLATFORM_ARCH_NOT_SUPPORTED;
-    }
-    else /* Model w/o platform. */
-    {
-        pwszResult = pwszModel;
-        cwcResult  = cwcModels;
-        pwszModel  = NULL;
-
+        RTMemFree(pwszPlatform);
+        RTMemFree(pwszModel);
+    }
+    else
+    {
+        /* Model without platform - just return the pwszModel string. */
+        *ppwszValue = pwszModel;
+        if (pcwcValue)
+            *pcwcValue = cwcModels;
         rc = VINF_SUCCESS;
-    }
-
-    RTMemFree(pwszModel);
-    RTMemFree(pwszPlatform);
-
-    if (RT_SUCCESS(rc))
-    {
-        *ppwszValue = pwszResult;
-        if (pcwcValue)
-            *pcwcValue = cwcResult;
     }
 
@@ -338 +321 @@
  * @param   pVer                Where to return the Version section information on success.
  */
-int VBoxWinDrvInfQuerySectionVerEx(HINF hInf, UINT uIndex, PVBOXWINDRVINFSEC_VERSION pVer)
+int VBoxWinDrvInfQuerySectionVerEx(HINF hInf, UINT uIndex, PVBOXWINDRVINFSECVERSION pVer)
 {
     DWORD dwSize = 0;
@@ -345 +328 @@
         return VERR_NOT_FOUND;
 
-    int rc = VINF_SUCCESS;
-
-    PSP_INF_INFORMATION pInfo = (PSP_INF_INFORMATION)RTMemAlloc(dwSize);
+    int rc;
+
+    PSP_INF_INFORMATION pInfo = (PSP_INF_INFORMATION)RTMemAllocZ(dwSize);
     AssertPtrReturn(pInfo, VERR_NO_MEMORY);
     fRc = SetupGetInfInformationW(hInf, INFINFO_INF_SPEC_IS_HINF, pInfo, dwSize, NULL);
@@ -354 +337 @@
         if (pInfo->InfStyle == INF_STYLE_WIN4)
         {
+            /*
+             * We query all the keys and values for the given index.
+             */
             dwSize = 0;
             fRc = SetupQueryInfVersionInformationW(pInfo, uIndex, NULL /* Key, NULL means all */,
@@ -359 +345 @@
             if (fRc)
             {
-                PRTUTF16 pwszInfo = (PRTUTF16)RTMemAlloc(dwSize * sizeof(RTUTF16));
-                if (pwszInfo)
+                PRTUTF16 pwszzInfo = (PRTUTF16)RTMemAllocZ(dwSize * sizeof(RTUTF16));
+                if (pwszzInfo)
                 {
                     fRc = SetupQueryInfVersionInformationW(pInfo, uIndex, NULL /* Key, NULL means all */,
-                                                           pwszInfo, dwSize, NULL);
+                                                           pwszzInfo, dwSize, NULL);
+                    if (fRc)
+                    {
+                        /*
+                         * Parse the block of "key1\0value1\0\key2\0\value2\0....\0\0" strings,
+                         * snapping up stuff we know.
+                         */
+                        rc = VINF_SUCCESS;
+                        size_t off  = 0;
+                        while (off < dwSize)
+                        {
+                            PRTUTF16 const pwszKey = &pwszzInfo[off];
+                            size_t const   cwcKey  = RTUtf16NLen(pwszKey, dwSize - off);
+                            off += cwcKey + 1;
+                            if (off >= dwSize)
+                                break;
+                            PRTUTF16 const pwszValue = &pwszzInfo[off];
+                            size_t const   cwcValue  = RTUtf16NLen(pwszValue, dwSize - off);
+                            off += cwcValue + 1;
 
 /** Macro to find a specific key and assign its value to the given string. */
-#define GET_VALUE(a_Key, a_String) \
-    if (!RTUtf16ICmp(pwsz, a_Key)) \
+#define GET_VALUE(a_wszKey, a_wszDst) \
+    if (!RTUtf16ICmp(pwszKey, a_wszKey)) \
     { \
-        rc = RTUtf16Printf(a_String, RT_ELEMENTS(a_String), "%ls", pwsz + cch + 1 /* SKip key + terminator */); \
+        rc = RTUtf16CopyEx(a_wszDst, RT_ELEMENTS(a_wszDst), pwszValue, cwcValue); \
         AssertRCBreak(rc); \
     }
-                    PRTUTF16 pwsz = pwszInfo;
-                    while (dwSize)
-                    {
-                        size_t const cch = RTUtf16Len(pwsz);
-
-                        GET_VALUE(L"DriverVer", pVer->wszDriverVer);
-                        GET_VALUE(L"Provider", pVer->wszProvider);
-                        GET_VALUE(L"CatalogFile", pVer->wszCatalogFile);
-
-                        dwSize -= (DWORD)cch + 1;
-                        pwsz   += cch + 1;
+                            GET_VALUE(L"DriverVer", pVer->wszDriverVer);
+                            GET_VALUE(L"Provider", pVer->wszProvider);
+                            GET_VALUE(L"CatalogFile", pVer->wszCatalogFile);
+#undef GET_VALUE
+                        }
+                        Assert(off == dwSize);
                     }
-                    Assert(dwSize == 0);
-#undef GET_VALUE
-                    RTMemFree(pwszInfo);
+                    else
+                        rc = VBoxWinDrvInstErrorFromWin32(GetLastError());
+                    RTMemFree(pwszzInfo);
                 }
                 else
@@ -411 +410 @@
  * @param   pVer                Where to return the Version section information on success.
  */
-int VBoxWinDrvInfQuerySectionVer(HINF hInf, PVBOXWINDRVINFSEC_VERSION pVer)
+int VBoxWinDrvInfQuerySectionVer(HINF hInf, PVBOXWINDRVINFSECVERSION pVer)
 {
     return VBoxWinDrvInfQuerySectionVerEx(hInf, 0 /* uIndex */, pVer);
@@ -427 +426 @@
 {
     HINF hInf = SetupOpenInfFileW(pwszInfFile, pwszClassName, INF_STYLE_WIN4, NULL /*__in PUINT ErrorLine */);
-    if (hInf == INVALID_HANDLE_VALUE)
+    *phInf = hInf;
+    if (hInf != INVALID_HANDLE_VALUE)
         return VBoxWinDrvInstErrorFromWin32(GetLastError());
-
-    *phInf = hInf;
-
     return VINF_SUCCESS;
 }
@@ -446 +443 @@
 int VBoxWinDrvInfOpen(PCRTUTF16 pwszInfFile, HINF *phInf)
 {
-    int rc;
-
+    int     rc;
     GUID    guid = {};
-    RTUTF16 pwszClassName[MAX_CLASS_NAME_LEN] = { };
-    if (SetupDiGetINFClassW(pwszInfFile, &guid, &(pwszClassName[0]), sizeof(pwszClassName), NULL))
-    {
-        rc = VBoxWinDrvInfOpenEx(pwszInfFile, pwszClassName, phInf);
-    }
+    RTUTF16 wszClassName[MAX_CLASS_NAME_LEN] = {};
+    if (SetupDiGetINFClassW(pwszInfFile, &guid, wszClassName, RT_ELEMENTS(wszClassName), NULL))
+        rc = VBoxWinDrvInfOpenEx(pwszInfFile, wszClassName, phInf);
     else
         rc = VBoxWinDrvInstErrorFromWin32(GetLastError());
-
     return rc;
 }

trunk/src/VBox/GuestHost/installation/VBoxWinDrvCommon.h

@@ -68 +68 @@
 int VBoxWinDrvInfQueryInstallSectionEx(HINF hInf, PCRTUTF16 pwszModel, PRTUTF16 *ppwszValue, PDWORD pcwcValue);
 int VBoxWinDrvInfQueryInstallSection(HINF hInf, PCRTUTF16 pwszModel, PRTUTF16 *ppwszValue);
-int VBoxWinDrvInfQuerySectionVerEx(HINF hInf, UINT uIndex, PVBOXWINDRVINFSEC_VERSION pVer);
-int VBoxWinDrvInfQuerySectionVer(HINF hInf, PVBOXWINDRVINFSEC_VERSION pVer);
+int VBoxWinDrvInfQuerySectionVerEx(HINF hInf, UINT uIndex, PVBOXWINDRVINFSECVERSION pVer);
+int VBoxWinDrvInfQuerySectionVer(HINF hInf, PVBOXWINDRVINFSECVERSION pVer);
 
 const char *VBoxWinDrvSetupApiErrToStr(const DWORD dwErr);