From f772ccb8008c4e9429982a226eab3341da1cdeed Mon Sep 17 00:00:00 2001 From: Mike Kaganski Date: Tue, 28 Jan 2020 01:28:24 +0300 Subject: tdf#130216: normalize paths with .. segments ... which obviously are rejected by SHGetFileInfoW and SHParseDisplayName that it calls internally. Change-Id: I2f5f3c675ea6aa1c2d92eef30be4399a8d600255 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/87565 Tested-by: Jenkins Reviewed-by: Mike Kaganski --- shell/source/win32/SysShExec.cxx | 34 +++++++++++++++++++++++----------- 1 file changed, 23 insertions(+), 11 deletions(-) (limited to 'shell') diff --git a/shell/source/win32/SysShExec.cxx b/shell/source/win32/SysShExec.cxx index 42ef1b63e761..09ac1814e51d 100644 --- a/shell/source/win32/SysShExec.cxx +++ b/shell/source/win32/SysShExec.cxx @@ -37,6 +37,7 @@ #define WIN32_LEAN_AND_MEAN #include #include +#include #include #include @@ -259,22 +260,34 @@ void SAL_CALL CSysShExec::execute( const OUString& aCommand, const OUString& aPa + "> failed with " + OUString::number(e1)), {}, 0); } + const int MAX_LONG_PATH = 32767; // max longpath on WinNT + if (pathname.getLength() >= MAX_LONG_PATH) + { + throw css::lang::IllegalArgumentException( + "XSystemShellExecute.execute, path <" + pathname + "> too long", {}, 0); + } preprocessed_command = pathname; + wchar_t path[MAX_LONG_PATH]; + wcscpy_s(path, o3tl::toW(pathname.getStr())); for (int i = 0;; ++i) { + // tdf#130216: normalize c:\path\to\something\..\else into c:\path\to\else + if (PathResolve(path, nullptr, PRF_VERIFYEXISTS | PRF_REQUIREABSOLUTE) == 0) + { + throw css::lang::IllegalArgumentException( + "XSystemShellExecute.execute, PathResolve(" + OUString(o3tl::toU(path)) + + ") failed", + {}, 0); + } SHFILEINFOW info; - if (SHGetFileInfoW( - o3tl::toW(pathname.getStr()), 0, &info, sizeof info, SHGFI_EXETYPE) - != 0) + if (SHGetFileInfoW(path, 0, &info, sizeof info, SHGFI_EXETYPE) != 0) { throw css::lang::IllegalArgumentException( "XSystemShellExecute.execute, cannot process <" + aCommand + ">", {}, 0); } - if (SHGetFileInfoW( - o3tl::toW(pathname.getStr()), 0, &info, sizeof info, SHGFI_ATTRIBUTES) - == 0) + if (SHGetFileInfoW(path, 0, &info, sizeof info, SHGFI_ATTRIBUTES) == 0) { throw css::lang::IllegalArgumentException( - "XSystemShellExecute.execute, SHGetFileInfoW(" + pathname + ") failed", {}, + "XSystemShellExecute.execute, SHGetFileInfoW(" + OUString(o3tl::toU(path)) + ") failed", {}, 0); } if ((info.dwAttributes & SFGAO_LINK) == 0) { @@ -299,7 +312,7 @@ void SAL_CALL CSysShExec::execute( const OUString& aCommand, const OUString& aPa + o3tl::runtimeToOUString(e3.what())), {}, 0); } - e2 = file->Load(o3tl::toW(pathname.getStr()), STGM_READ); + e2 = file->Load(path, STGM_READ); if (FAILED(e2)) { throw css::lang::IllegalArgumentException( ("XSystemShellExecute.execute, IPersistFile.Load failed with " @@ -313,16 +326,14 @@ void SAL_CALL CSysShExec::execute( const OUString& aCommand, const OUString& aPa + OUString::number(e2)), {}, 0); } - wchar_t path[MAX_PATH]; WIN32_FIND_DATAW wfd; - e2 = link->GetPath(path, MAX_PATH, &wfd, SLGP_RAWPATH); + e2 = link->GetPath(path, SAL_N_ELEMENTS(path), &wfd, SLGP_RAWPATH); if (FAILED(e2)) { throw css::lang::IllegalArgumentException( ("XSystemShellExecute.execute, IShellLink.GetPath failed with " + OUString::number(e2)), {}, 0); } - pathname = o3tl::toU(path); // Fail at some arbitrary nesting depth, to avoid an infinite loop: if (i == 30) { throw css::lang::IllegalArgumentException( @@ -330,6 +341,7 @@ void SAL_CALL CSysShExec::execute( const OUString& aCommand, const OUString& aPa {}, 0); } } + pathname = o3tl::toU(path); auto const n = pathname.lastIndexOf('.'); if (n > pathname.lastIndexOf('\\')) { auto const ext = pathname.copy(n + 1); -- cgit