
Improve code readability after looking for buffer overflows

This commit is contained in:
Duncan Ogilvie 2023-02-22 08:51:24 +01:00
parent 4b801d8f21
commit 578c14c8c5
6 changed files with 30 additions and 23 deletions


@ -216,7 +216,7 @@ bool DirExists(const char* dir)
\param [in,out] szFileName Buffer of size MAX_PATH.
\return true if it succeeds, false if it fails.
*/
bool GetFileNameFromHandle(HANDLE hFile, char* szFileName)
bool GetFileNameFromHandle(HANDLE hFile, char* szFileName, size_t nCount)
{
if(!hFile)
return false;
@ -241,11 +241,11 @@ bool GetFileNameFromHandle(HANDLE hFile, char* szFileName)
utf8.insert(0, R"(\\?\GLOBALROOT)");
}
strncpy_s(szFileName, MAX_PATH, utf8.c_str(), _TRUNCATE);
strncpy_s(szFileName, nCount, utf8.c_str(), _TRUNCATE);
return true;
}
bool GetFileNameFromProcessHandle(HANDLE hProcess, char* szFileName)
bool GetFileNameFromProcessHandle(HANDLE hProcess, char* szFileName, size_t nCount)
{
wchar_t wszDosFileName[MAX_PATH] = L"";
wchar_t wszFileName[MAX_PATH] = L"";
@ -260,11 +260,11 @@ bool GetFileNameFromProcessHandle(HANDLE hProcess, char* szFileName)
else
result = !!GetModuleFileNameExW(hProcess, 0, wszFileName, _countof(wszFileName));
if(result)
strncpy_s(szFileName, MAX_PATH, StringUtils::Utf16ToUtf8(wszFileName).c_str(), _TRUNCATE);
strncpy_s(szFileName, nCount, StringUtils::Utf16ToUtf8(wszFileName).c_str(), _TRUNCATE);
return result;
}
bool GetFileNameFromModuleHandle(HANDLE hProcess, HMODULE hModule, char* szFileName)
bool GetFileNameFromModuleHandle(HANDLE hProcess, HMODULE hModule, char* szFileName, size_t nCount)
{
wchar_t wszDosFileName[MAX_PATH] = L"";
wchar_t wszFileName[MAX_PATH] = L"";
@ -279,7 +279,7 @@ bool GetFileNameFromModuleHandle(HANDLE hProcess, HMODULE hModule, char* szFileN
else
result = !!GetModuleFileNameExW(hProcess, hModule, wszFileName, _countof(wszFileName));
if(result)
strncpy_s(szFileName, MAX_PATH, StringUtils::Utf16ToUtf8(wszFileName).c_str(), _TRUNCATE);
strncpy_s(szFileName, nCount, StringUtils::Utf16ToUtf8(wszFileName).c_str(), _TRUNCATE);
return result;
}
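Review bot: The Doxygen block at the top of the hunk still says `\param [in,out] szFileName Buffer of size MAX_PATH.` while GetFileNameFromHandle now takes an explicit nCount, so the documentation no longer matches the signature; change it to `\param [in,out] szFileName Buffer of nCount characters.` and add `\param [in] nCount Size of szFileName in characters, including the terminator.` GetFileNameFromProcessHandle and GetFileNameFromModuleHandle gained the same parameter with no documentation of it at all. Since all three hand nCount straight to strncpy_s, a caller passing 0 would hit the CRT invalid-parameter handler rather than receive a false return; that is worth stating in the comment, or guarding with an early `if(!szFileName || !nCount) return false;`. GetFileNameFromHandle's body continues between the two hunks, outside what is shown here.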


@ -57,9 +57,9 @@ void setalloctrace(const char* file);
bool scmp(const char* a, const char* b);
bool FileExists(const char* file);
bool DirExists(const char* dir);
bool GetFileNameFromHandle(HANDLE hFile, char* szFileName);
bool GetFileNameFromProcessHandle(HANDLE hProcess, char* szFileName);
bool GetFileNameFromModuleHandle(HANDLE hProcess, HMODULE hModule, char* szFileName);
bool GetFileNameFromHandle(HANDLE hFile, char* szFileName, size_t nCount);
bool GetFileNameFromProcessHandle(HANDLE hProcess, char* szFileName, size_t nCount);
bool GetFileNameFromModuleHandle(HANDLE hProcess, HMODULE hModule, char* szFileName, size_t nCount);
bool settingboolget(const char* section, const char* name);
bool IsWow64();
bool ResolveShortcut(HWND hwnd, const wchar_t* szShortcutPath, wchar_t* szResolvedPath, size_t nSize);


@ -162,7 +162,7 @@ bool cbInstrVirtualmod(int argc, char* argv[])
return false;
}
char modname[256] = "";
char modname[MAX_MODULE_SIZE] = "";
if(ModNameFromAddr(base, modname, true))
BpEnumAll(cbSetModuleBreakpoints, modname);
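Review bot: ModNameFromAddr receives modname with no size argument, so sizing the buffer as MAX_MODULE_SIZE encodes an implicit contract with the callee that nothing at the call site checks or states; a comment on the declaration, `char modname[MAX_MODULE_SIZE] = ""; // ModNameFromAddr writes up to MAX_MODULE_SIZE chars`, would record why this constant replaced 256, assuming that is indeed what the callee writes. The same change is made to the modname buffers in cbCreateProcess and cbUnloadDll in the debugger file below and would benefit from the same comment. cbInstrVirtualmod begins outside the hunk.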


@ -38,6 +38,7 @@ static bool skipInt3Stepping(int argc, char* argv[])
bool cbDebugRunInternal(int argc, char* argv[])
{
// Set a singleshot breakpoint at the first parameter
if(argc >= 2 && !DbgCmdExecDirect(StringUtils::sprintf("bp \"%s\", ss", argv[1]).c_str()))
return false;
// Don't "run" twice if the program is already running
@ -81,7 +82,7 @@ bool cbDebugInit(int argc, char* argv[])
dputs(QT_TRANSLATE_NOOP("DBG", "Could not open file!"));
return false;
}
GetFileNameFromHandle(hFile, arg1); //get full path of the file
GetFileNameFromHandle(hFile, arg1, _countof(arg1)); //get full path of the file
dprintf(QT_TRANSLATE_NOOP("DBG", "Debugging: %s\n"), arg1);
hFile.Close();
@ -240,7 +241,7 @@ bool cbDebugAttach(int argc, char* argv[])
#endif // _WIN64
return false;
}
if(!GetFileNameFromProcessHandle(hProcess, szDebuggeePath))
if(!GetFileNameFromProcessHandle(hProcess, szDebuggeePath, _countof(szDebuggeePath)))
{
dprintf(QT_TRANSLATE_NOOP("DBG", "Could not get module filename %X!\n"), DWORD(pid));
return false;
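Review bot: The return value of GetFileNameFromHandle in cbDebugInit is still discarded, so when resolution fails arg1 keeps whatever it held before the call (presumably the user-supplied path) and the `Debugging: %s` line prints that instead of the full path, with no indication that the lookup failed. If that fallback is intentional, say so: `GetFileNameFromHandle(hFile, arg1, _countof(arg1)); // best effort: arg1 keeps the user-supplied path on failure`; otherwise check the result the way cbDebugAttach does in the following hunk. cbDebugInit begins and ends outside the hunk.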


@ -1381,9 +1381,12 @@ static void cbCreateProcess(CREATE_PROCESS_DEBUG_INFO* CreateProcessInfo)
auto base = (duint)CreateProcessInfo->lpBaseOfImage;
pDebuggedBase = base; //debugged base = executable
char DebugFileName[deflen] = "";
if(!GetFileNameFromHandle(CreateProcessInfo->hFile, DebugFileName) && !GetFileNameFromProcessHandle(CreateProcessInfo->hProcess, DebugFileName))
strcpy_s(DebugFileName, GuiTranslateText(QT_TRANSLATE_NOOP("DBG", "??? (GetFileNameFromHandle failed)")));
char DebugFileName[MAX_PATH] = "";
if(!GetFileNameFromHandle(CreateProcessInfo->hFile, DebugFileName, _countof(DebugFileName)))
{
if(!GetFileNameFromProcessHandle(CreateProcessInfo->hProcess, DebugFileName, _countof(DebugFileName)))
strcpy_s(DebugFileName, GuiTranslateText(QT_TRANSLATE_NOOP("DBG", "??? (GetFileNameFromHandle failed)")));
}
dprintf(QT_TRANSLATE_NOOP("DBG", "Process Started: %p %s\n"), base, DebugFileName);
char* cmdline = nullptr;
@ -1412,7 +1415,7 @@ static void cbCreateProcess(CREATE_PROCESS_DEBUG_INFO* CreateProcessInfo)
ModLoad(base, 1, DebugFileName);
char modname[256] = "";
char modname[MAX_MODULE_SIZE] = "";
if(ModNameFromAddr(base, modname, true))
BpEnumAll(cbSetModuleBreakpoints, modname, base);
BpEnumAll(cbSetDLLBreakpoints);
@ -1720,9 +1723,12 @@ static void cbLoadDll(LOAD_DLL_DEBUG_INFO* LoadDll)
hActiveThread = ThreadGetHandle(((DEBUG_EVENT*)GetDebugData())->dwThreadId);
void* base = LoadDll->lpBaseOfDll;
char DLLDebugFileName[deflen] = "";
if(!GetFileNameFromHandle(LoadDll->hFile, DLLDebugFileName) && !GetFileNameFromModuleHandle(fdProcessInfo->hProcess, HMODULE(base), DLLDebugFileName))
strcpy_s(DLLDebugFileName, GuiTranslateText(QT_TRANSLATE_NOOP("DBG", "??? (GetFileNameFromHandle failed)")));
char DLLDebugFileName[MAX_PATH] = "";
if(!GetFileNameFromHandle(LoadDll->hFile, DLLDebugFileName, _countof(DLLDebugFileName)))
{
if(!GetFileNameFromModuleHandle(fdProcessInfo->hProcess, HMODULE(base), DLLDebugFileName, _countof(DLLDebugFileName)))
strcpy_s(DLLDebugFileName, GuiTranslateText(QT_TRANSLATE_NOOP("DBG", "??? (GetFileNameFromHandle failed)")));
}
ModLoad((duint)base, 1, DLLDebugFileName);
@ -1887,7 +1893,7 @@ static void cbUnloadDll(UNLOAD_DLL_DEBUG_INFO* UnloadDll)
plugincbcall(CB_UNLOADDLL, &callbackInfo);
void* base = UnloadDll->lpBaseOfDll;
char modname[256] = "???";
char modname[MAX_MODULE_SIZE] = "???";
if(ModNameFromAddr((duint)base, modname, true))
BpEnumAll(cbRemoveModuleBreakpoints, modname, duint(base));
int party = ModGetParty(duint(base));
@ -2221,7 +2227,7 @@ bool dbglistprocesses(std::vector<PROCESSENTRY32>* infoList, std::vector<std::st
if((mewow64 && !wow64) || (!mewow64 && wow64))
continue;
char szExePath[MAX_PATH] = "";
if(GetFileNameFromProcessHandle(hProcess, szExePath))
if(GetFileNameFromProcessHandle(hProcess, szExePath, _countof(szExePath)))
strcpy_s(pe32.szExeFile, szExePath);
infoList->push_back(pe32);
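Review bot: Replacing `deflen` with MAX_PATH for DebugFileName in cbCreateProcess (and DLLDebugFileName in cbLoadDll) changes the buffer's capacity; if deflen was larger than MAX_PATH the buffer has shrunk, and because GetFileNameFromHandle may prepend `\\?\GLOBALROOT` to the path and strncpy_s with _TRUNCATE cuts silently, long paths now reach ModLoad and the `Process Started` message truncated rather than failing visibly. A comment such as `// MAX_PATH suffices only because GetFileNameFromHandle truncates; longer paths are cut here` would record the accepted trade-off, or the previous size could be kept if it was larger. The nested if restructuring preserves the old fallback semantics (the placeholder string is written only when both lookups fail). cbCreateProcess starts and ends outside the hunk.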


@ -809,11 +809,11 @@ bool ModLoad(duint Base, duint Size, const char* FullPath, bool loadSymbols)
if(fileStart)
{
strcpy_s(file, fileStart + 1);
strncpy_s(file, fileStart + 1, _TRUNCATE);
fileStart[0] = '\0';
}
else
strcpy_s(file, FullPath);
strncpy_s(file, FullPath, _TRUNCATE);
}
// Calculate module hash from full file name
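Review bot: The switch from strcpy_s to strncpy_s with _TRUNCATE makes an over-long file name truncate silently instead of tripping the CRT invalid-parameter handler; if the module hash computed just below is derived from `file`, two modules whose names differ only beyond the buffer's capacity would then get the same hash, which the old behaviour at least made loud. Consider noting the trade-off in a comment, `// name longer than file[] is truncated; hash below covers the truncated name`, or computing the hash from the untruncated FullPath instead — hedged, since the declaration of `file` and the hash code lie outside the hunk. ModLoad begins before this hunk.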