huwcampbell.com / reactos
Reactos
fork atom

[CPL] Boundary check of Control Panel applets (#4706)

- Check the boundary (i < NUM_APPLETS) of the variable i in CPlApplet functions.
- Use UINT type for the variable i.

authored by

Katayama Hirofumi MZ and committed by
GitHub e5ebbc8a 37ccb9e5

+194 -98
+13 -3
dll/cpl/access/access.c
··· 240 240 LPARAM lParam1, 241 241 LPARAM lParam2) 242 242 { 243 - INT i = (INT)lParam1; 243 + UINT i = (UINT)lParam1; 244 244 245 245 switch (uMsg) 246 246 { ··· 251 251 return NUM_APPLETS; 252 252 253 253 case CPL_INQUIRE: 254 + if (i < NUM_APPLETS) 254 255 { 255 256 CPLINFO *CPlInfo = (CPLINFO*)lParam2; 256 257 CPlInfo->lData = 0; ··· 258 259 CPlInfo->idName = Applets[i].idName; 259 260 CPlInfo->idInfo = Applets[i].idDescription; 260 261 } 262 + else 263 + { 264 + return TRUE; 265 + } 261 266 break; 262 267 263 268 case CPL_DBLCLK: 264 - Applets[i].AppletProc(hwndCPl, uMsg, lParam1, lParam2); 269 + if (i < NUM_APPLETS) 270 + Applets[i].AppletProc(hwndCPl, uMsg, lParam1, lParam2); 271 + else 272 + return TRUE; 265 273 break; 266 274 267 275 case CPL_STARTWPARMSW: 268 - return Applets[i].AppletProc(hwndCPl, uMsg, lParam1, lParam2); 276 + if (i < NUM_APPLETS) 277 + return Applets[i].AppletProc(hwndCPl, uMsg, lParam1, lParam2); 278 + break; 269 279 } 270 280 271 281 return FALSE;
+13 -3
dll/cpl/desk/desk.c
··· 252 252 LONG CALLBACK 253 253 CPlApplet(HWND hwndCPl, UINT uMsg, LPARAM lParam1, LPARAM lParam2) 254 254 { 255 - int i = (int)lParam1; 255 + UINT i = (UINT)lParam1; 256 256 257 257 switch (uMsg) 258 258 { ··· 263 263 return NUM_APPLETS; 264 264 265 265 case CPL_INQUIRE: 266 + if (i < NUM_APPLETS) 266 267 { 267 268 CPLINFO *CPlInfo = (CPLINFO*)lParam2; 268 269 CPlInfo->lData = 0; ··· 270 271 CPlInfo->idName = Applets[i].idName; 271 272 CPlInfo->idInfo = Applets[i].idDescription; 272 273 } 274 + else 275 + { 276 + return TRUE; 277 + } 273 278 break; 274 279 275 280 case CPL_DBLCLK: 276 - Applets[i].AppletProc(hwndCPl, uMsg, lParam1, lParam2); 281 + if (i < NUM_APPLETS) 282 + Applets[i].AppletProc(hwndCPl, uMsg, lParam1, lParam2); 283 + else 284 + return TRUE; 277 285 break; 278 286 279 287 case CPL_STARTWPARMSW: 280 - return Applets[i].AppletProc(hwndCPl, uMsg, lParam1, lParam2); 288 + if (i < NUM_APPLETS) 289 + return Applets[i].AppletProc(hwndCPl, uMsg, lParam1, lParam2); 290 + break; 281 291 } 282 292 283 293 return FALSE;
+12 -2
dll/cpl/hotplug/hotplug.c
··· 548 548 return NUM_APPLETS; 549 549 550 550 case CPL_INQUIRE: 551 + if (i < NUM_APPLETS) 551 552 { 552 553 CPLINFO *CPlInfo = (CPLINFO*)lParam2; 553 554 CPlInfo->lData = 0; ··· 555 556 CPlInfo->idName = Applets[i].idName; 556 557 CPlInfo->idInfo = Applets[i].idDescription; 557 558 } 559 + else 560 + { 561 + return TRUE; 562 + } 558 563 break; 559 564 560 565 case CPL_DBLCLK: 561 - Applets[i].AppletProc(hwndCPl, uMsg, lParam1, lParam2); 566 + if (i < NUM_APPLETS) 567 + Applets[i].AppletProc(hwndCPl, uMsg, lParam1, lParam2); 568 + else 569 + return TRUE; 562 570 break; 563 571 564 572 case CPL_STARTWPARMSW: 565 - return Applets[i].AppletProc(hwndCPl, uMsg, lParam1, lParam2); 573 + if (i < NUM_APPLETS) 574 + return Applets[i].AppletProc(hwndCPl, uMsg, lParam1, lParam2); 575 + break; 566 576 } 567 577 return FALSE; 568 578 }
+17 -9
dll/cpl/input/input.c
··· 87 87 CPlApplet(HWND hwndCPl, UINT uMsg, LPARAM lParam1, LPARAM lParam2) 88 88 { 89 89 CPLINFO *CPlInfo; 90 - int i; 91 - 92 - i = (int)lParam1; 90 + UINT i = (UINT)lParam1; 93 91 94 92 switch (uMsg) 95 93 { ··· 100 98 return NUM_APPLETS; 101 99 102 100 case CPL_INQUIRE: 103 - CPlInfo = (CPLINFO*)lParam2; 104 - CPlInfo->lData = 0; 105 - CPlInfo->idIcon = Applets[i].idIcon; 106 - CPlInfo->idName = Applets[i].idName; 107 - CPlInfo->idInfo = Applets[i].idDescription; 101 + if (i < NUM_APPLETS) 102 + { 103 + CPlInfo = (CPLINFO*)lParam2; 104 + CPlInfo->lData = 0; 105 + CPlInfo->idIcon = Applets[i].idIcon; 106 + CPlInfo->idName = Applets[i].idName; 107 + CPlInfo->idInfo = Applets[i].idDescription; 108 + } 109 + else 110 + { 111 + return TRUE; 112 + } 108 113 break; 109 114 110 115 case CPL_DBLCLK: 111 - Applets[i].AppletProc(hwndCPl, uMsg, lParam1, lParam2); 116 + if (i < NUM_APPLETS) 117 + Applets[i].AppletProc(hwndCPl, uMsg, lParam1, lParam2); 118 + else 119 + return TRUE; 112 120 break; 113 121 } 114 122
+21 -11
dll/cpl/intl/intl.c
··· 232 232 LPARAM lParam1, 233 233 LPARAM lParam2) 234 234 { 235 + UINT i = (UINT)lParam1; 236 + 235 237 switch (uMsg) 236 238 { 237 239 case CPL_INIT: ··· 241 243 return NUM_APPLETS; 242 244 243 245 case CPL_INQUIRE: 244 - { 245 - CPLINFO *CPlInfo = (CPLINFO*)lParam2; 246 - UINT uAppIndex = (UINT)lParam1; 247 - 248 - CPlInfo->lData = 0; 249 - CPlInfo->idIcon = Applets[uAppIndex].idIcon; 250 - CPlInfo->idName = Applets[uAppIndex].idName; 251 - CPlInfo->idInfo = Applets[uAppIndex].idDescription; 246 + if (i < NUM_APPLETS) 247 + { 248 + CPLINFO *CPlInfo = (CPLINFO*)lParam2; 249 + CPlInfo->lData = 0; 250 + CPlInfo->idIcon = Applets[i].idIcon; 251 + CPlInfo->idName = Applets[i].idName; 252 + CPlInfo->idInfo = Applets[i].idDescription; 253 + } 254 + else 255 + { 256 + return TRUE; 257 + } 252 258 break; 253 - } 254 259 255 260 case CPL_DBLCLK: 256 - Applets[(UINT)lParam1].AppletProc(hwndCpl, uMsg, lParam1, lParam2); 261 + if (i < NUM_APPLETS) 262 + Applets[i].AppletProc(hwndCpl, uMsg, lParam1, lParam2); 263 + else 264 + return TRUE; 257 265 break; 258 266 259 267 case CPL_STARTWPARMSW: 260 - return Applets[(UINT)lParam1].AppletProc(hwndCpl, uMsg, lParam1, lParam2); 268 + if (i < NUM_APPLETS) 269 + return Applets[i].AppletProc(hwndCpl, uMsg, lParam1, lParam2); 270 + break; 261 271 } 262 272 263 273 return FALSE;
+17 -9
dll/cpl/joy/joy.c
··· 319 319 CPlApplet(HWND hwndCPl, UINT uMsg, LPARAM lParam1, LPARAM lParam2) 320 320 { 321 321 CPLINFO *CPlInfo; 322 - DWORD i; 323 - 322 + UINT i = (UINT)lParam1; 324 323 UNREFERENCED_PARAMETER(hwndCPl); 325 324 326 - i = (DWORD)lParam1; 327 325 switch (uMsg) 328 326 { 329 327 case CPL_INIT: ··· 333 331 return NUM_APPLETS; 334 332 335 333 case CPL_INQUIRE: 336 - CPlInfo = (CPLINFO*)lParam2; 337 - CPlInfo->lData = 0; 338 - CPlInfo->idIcon = Applets[i].idIcon; 339 - CPlInfo->idName = Applets[i].idName; 340 - CPlInfo->idInfo = Applets[i].idDescription; 334 + if (i < NUM_APPLETS) 335 + { 336 + CPlInfo = (CPLINFO*)lParam2; 337 + CPlInfo->lData = 0; 338 + CPlInfo->idIcon = Applets[i].idIcon; 339 + CPlInfo->idName = Applets[i].idName; 340 + CPlInfo->idInfo = Applets[i].idDescription; 341 + } 342 + else 343 + { 344 + return TRUE; 345 + } 341 346 break; 342 347 343 348 case CPL_DBLCLK: 344 - Applets[i].AppletProc(hwndCPl, uMsg, lParam1, lParam2); 349 + if (i < NUM_APPLETS) 350 + Applets[i].AppletProc(hwndCPl, uMsg, lParam1, lParam2); 351 + else 352 + return TRUE; 345 353 break; 346 354 } 347 355
+21 -14
dll/cpl/main/main.c
··· 87 87 LPARAM lParam1, 88 88 LPARAM lParam2) 89 89 { 90 + UINT i = (UINT)lParam1; 91 + 90 92 switch(uMsg) 91 93 { 92 94 case CPL_INIT: ··· 96 98 return NUM_APPLETS; 97 99 98 100 case CPL_INQUIRE: 99 - { 100 - CPLINFO *CPlInfo = (CPLINFO*)lParam2; 101 - UINT uAppIndex = (UINT)lParam1; 102 - 103 - CPlInfo->lData = lParam1; 104 - CPlInfo->idIcon = Applets[uAppIndex].idIcon; 105 - CPlInfo->idName = Applets[uAppIndex].idName; 106 - CPlInfo->idInfo = Applets[uAppIndex].idDescription; 101 + if (i < NUM_APPLETS) 102 + { 103 + CPLINFO *CPlInfo = (CPLINFO*)lParam2; 104 + CPlInfo->lData = lParam1; 105 + CPlInfo->idIcon = Applets[i].idIcon; 106 + CPlInfo->idName = Applets[i].idName; 107 + CPlInfo->idInfo = Applets[i].idDescription; 108 + } 109 + else 110 + { 111 + return TRUE; 112 + } 107 113 break; 108 - } 109 114 110 115 case CPL_DBLCLK: 111 - { 112 - UINT uAppIndex = (UINT)lParam1; 113 - Applets[uAppIndex].AppletProc(hwndCpl, uMsg, lParam1, lParam2); 116 + if (i < NUM_APPLETS) 117 + Applets[i].AppletProc(hwndCpl, uMsg, lParam1, lParam2); 118 + else 119 + return TRUE; 114 120 break; 115 - } 116 121 117 122 case CPL_STARTWPARMSW: 118 - return Applets[(UINT)lParam1].AppletProc(hwndCpl, uMsg, lParam1, lParam2); 123 + if (i < NUM_APPLETS) 124 + return Applets[i].AppletProc(hwndCpl, uMsg, lParam1, lParam2); 125 + break; 119 126 } 120 127 121 128 return FALSE;
+21 -17
dll/cpl/mmsys/mmsys.c
··· 745 745 LPARAM lParam1, 746 746 LPARAM lParam2) 747 747 { 748 + UINT i = (UINT)lParam1; 749 + 748 750 switch (uMsg) 749 751 { 750 752 case CPL_INIT: ··· 754 756 return NUM_APPLETS; 755 757 756 758 case CPL_INQUIRE: 757 - { 758 - CPLINFO *CPlInfo = (CPLINFO*)lParam2; 759 - UINT uAppIndex = (UINT)lParam1; 760 - 761 - CPlInfo->lData = 0; 762 - CPlInfo->idIcon = Applets[uAppIndex].idIcon; 763 - CPlInfo->idName = Applets[uAppIndex].idName; 764 - CPlInfo->idInfo = Applets[uAppIndex].idDescription; 759 + if (i < NUM_APPLETS) 760 + { 761 + CPLINFO *CPlInfo = (CPLINFO*)lParam2; 762 + CPlInfo->lData = 0; 763 + CPlInfo->idIcon = Applets[i].idIcon; 764 + CPlInfo->idName = Applets[i].idName; 765 + CPlInfo->idInfo = Applets[i].idDescription; 766 + } 767 + else 768 + { 769 + return TRUE; 770 + } 765 771 break; 766 - } 767 772 768 773 case CPL_DBLCLK: 769 - { 770 - UINT uAppIndex = (UINT)lParam1; 771 - Applets[uAppIndex].AppletProc(hwndCpl, 772 - uMsg, 773 - lParam1, 774 - lParam2); 774 + if (i < NUM_APPLETS) 775 + Applets[i].AppletProc(hwndCpl, uMsg, lParam1, lParam2); 776 + else 777 + return TRUE; 775 778 break; 776 - } 777 779 778 780 case CPL_STARTWPARMSW: 779 - return Applets[(UINT)lParam1].AppletProc(hwndCpl, uMsg, lParam1, lParam2); 781 + if (i < NUM_APPLETS) 782 + return Applets[i].AppletProc(hwndCpl, uMsg, lParam1, lParam2); 783 + break; 780 784 } 781 785 782 786 return FALSE;
+17 -11
dll/cpl/powercfg/powercfg.c
··· 155 155 LPARAM lParam1, 156 156 LPARAM lParam2) 157 157 { 158 - int i = (int)lParam1; 158 + UINT i = (UINT)lParam1; 159 159 160 160 switch (uMsg) 161 161 { ··· 170 170 } 171 171 172 172 case CPL_INQUIRE: 173 - { 174 - CPLINFO *CPlInfo = (CPLINFO*)lParam2; 175 - CPlInfo->lData = 0; 176 - CPlInfo->idIcon = Applets[i].idIcon; 177 - CPlInfo->idName = Applets[i].idName; 178 - CPlInfo->idInfo = Applets[i].idDescription; 173 + if (i < NUM_APPLETS) 174 + { 175 + CPLINFO *CPlInfo = (CPLINFO*)lParam2; 176 + CPlInfo->lData = 0; 177 + CPlInfo->idIcon = Applets[i].idIcon; 178 + CPlInfo->idName = Applets[i].idName; 179 + CPlInfo->idInfo = Applets[i].idDescription; 180 + } 181 + else 182 + { 183 + return TRUE; 184 + } 179 185 break; 180 - } 181 186 182 187 case CPL_DBLCLK: 183 - { 184 - Applets[i].AppletProc(hwndCPl, uMsg, lParam1, lParam2); 188 + if (i < NUM_APPLETS) 189 + Applets[i].AppletProc(hwndCPl, uMsg, lParam1, lParam2); 190 + else 191 + return TRUE; 185 192 break; 186 - } 187 193 } 188 194 189 195 return FALSE;
+13 -4
dll/cpl/sysdm/sysdm.c
··· 203 203 LPARAM lParam1, 204 204 LPARAM lParam2) 205 205 { 206 - INT i = (INT)lParam1; 206 + UINT i = (UINT)lParam1; 207 207 208 208 UNREFERENCED_PARAMETER(hwndCPl); 209 209 ··· 216 216 return NUM_APPLETS; 217 217 218 218 case CPL_INQUIRE: 219 + if (i < NUM_APPLETS) 219 220 { 220 221 CPLINFO *CPlInfo = (CPLINFO*)lParam2; 221 222 CPlInfo->lData = 0; ··· 223 224 CPlInfo->idName = Applets[i].idName; 224 225 CPlInfo->idInfo = Applets[i].idDescription; 225 226 } 227 + else 228 + { 229 + return TRUE; 230 + } 226 231 break; 227 232 228 233 case CPL_DBLCLK: 229 - Applets[i].AppletProc(hwndCPl, uMsg, lParam1, lParam2); 234 + if (i < NUM_APPLETS) 235 + Applets[i].AppletProc(hwndCPl, uMsg, lParam1, lParam2); 236 + else 237 + return TRUE; 230 238 break; 231 239 232 240 case CPL_STARTWPARMSW: 233 - return Applets[i].AppletProc(hwndCPl, uMsg, lParam1, lParam2); 234 - 241 + if (i < NUM_APPLETS) 242 + return Applets[i].AppletProc(hwndCPl, uMsg, lParam1, lParam2); 243 + break; 235 244 } 236 245 237 246 return FALSE;
+19 -13
dll/cpl/timedate/timedate.c
··· 131 131 LPARAM lParam1, 132 132 LPARAM lParam2) 133 133 { 134 - INT i = (INT)lParam1; 134 + UINT i = (UINT)lParam1; 135 135 136 136 switch (uMsg) 137 137 { ··· 142 142 return NUM_APPLETS; 143 143 144 144 case CPL_INQUIRE: 145 - { 146 - CPLINFO *CPlInfo = (CPLINFO*)lParam2; 147 - CPlInfo->lData = 0; 148 - CPlInfo->idIcon = Applets[i].idIcon; 149 - CPlInfo->idName = Applets[i].idName; 150 - CPlInfo->idInfo = Applets[i].idDescription; 151 - } 152 - break; 145 + if (i < NUM_APPLETS) 146 + { 147 + CPLINFO *CPlInfo = (CPLINFO*)lParam2; 148 + CPlInfo->lData = 0; 149 + CPlInfo->idIcon = Applets[i].idIcon; 150 + CPlInfo->idName = Applets[i].idName; 151 + CPlInfo->idInfo = Applets[i].idDescription; 152 + } 153 + else 154 + { 155 + return TRUE; 156 + } 157 + break; 153 158 154 159 case CPL_DBLCLK: 155 - { 156 - Applets[i].AppletProc(hwndCpl, uMsg, lParam1, lParam2); 157 - } 158 - break; 160 + if (i < NUM_APPLETS) 161 + Applets[i].AppletProc(hwndCpl, uMsg, lParam1, lParam2); 162 + else 163 + return TRUE; 164 + break; 159 165 } 160 166 return FALSE; 161 167 }
+10 -2
dll/cpl/usrmgr/usrmgr.c
··· 90 90 LONG CALLBACK 91 91 CPlApplet(HWND hwndCPl, UINT uMsg, LPARAM lParam1, LPARAM lParam2) 92 92 { 93 - int i = (int)lParam1; 93 + UINT i = (UINT)lParam1; 94 94 95 95 switch (uMsg) 96 96 { ··· 101 101 return NUM_APPLETS; 102 102 103 103 case CPL_INQUIRE: 104 + if (i < NUM_APPLETS) 104 105 { 105 106 CPLINFO *CPlInfo = (CPLINFO*)lParam2; 106 107 CPlInfo->lData = 0; ··· 108 109 CPlInfo->idName = Applets[i].idName; 109 110 CPlInfo->idInfo = Applets[i].idDescription; 110 111 } 112 + else 113 + { 114 + return TRUE; 115 + } 111 116 break; 112 117 113 118 case CPL_DBLCLK: 114 - Applets[i].AppletProc(hwndCPl, uMsg, lParam1, lParam2); 119 + if (i < NUM_APPLETS) 120 + Applets[i].AppletProc(hwndCPl, uMsg, lParam1, lParam2); 121 + else 122 + return TRUE; 115 123 break; 116 124 } 117 125