[Libreoffice-commits] core.git: shell/source
Mike Kaganski (via logerrit)
logerrit at kemper.freedesktop.org
Tue Jan 28 07:14:15 UTC 2020
shell/source/win32/SysShExec.cxx | 34 +++++++++++++++++++++++-----------
1 file changed, 23 insertions(+), 11 deletions(-)
New commits:
commit f772ccb8008c4e9429982a226eab3341da1cdeed
Author: Mike Kaganski <mike.kaganski at collabora.com>
AuthorDate: Tue Jan 28 01:28:24 2020 +0300
Commit: Mike Kaganski <mike.kaganski at collabora.com>
CommitDate: Tue Jan 28 08:13:42 2020 +0100
tdf#130216: normalize paths with .. segments
... which obviously are rejected by SHGetFileInfoW and SHParseDisplayName
that it calls internally.
Change-Id: I2f5f3c675ea6aa1c2d92eef30be4399a8d600255
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/87565
Tested-by: Jenkins
Reviewed-by: Mike Kaganski <mike.kaganski at collabora.com>
diff --git a/shell/source/win32/SysShExec.cxx b/shell/source/win32/SysShExec.cxx
index 42ef1b63e761..09ac1814e51d 100644
--- a/shell/source/win32/SysShExec.cxx
+++ b/shell/source/win32/SysShExec.cxx
@@ -37,6 +37,7 @@
#define WIN32_LEAN_AND_MEAN
#include <windows.h>
#include <shellapi.h>
+#include <Shlobj.h>
#include <Shobjidl.h>
#include <objbase.h>
@@ -259,22 +260,34 @@ void SAL_CALL CSysShExec::execute( const OUString& aCommand, const OUString& aPa
+ "> failed with " + OUString::number(e1)),
{}, 0);
}
+ const int MAX_LONG_PATH = 32767; // max longpath on WinNT
+ if (pathname.getLength() >= MAX_LONG_PATH)
+ {
+ throw css::lang::IllegalArgumentException(
+ "XSystemShellExecute.execute, path <" + pathname + "> too long", {}, 0);
+ }
preprocessed_command = pathname;
+ wchar_t path[MAX_LONG_PATH];
+ wcscpy_s(path, o3tl::toW(pathname.getStr()));
for (int i = 0;; ++i) {
+ // tdf#130216: normalize c:\path\to\something\..\else into c:\path\to\else
+ if (PathResolve(path, nullptr, PRF_VERIFYEXISTS | PRF_REQUIREABSOLUTE) == 0)
+ {
+ throw css::lang::IllegalArgumentException(
+ "XSystemShellExecute.execute, PathResolve(" + OUString(o3tl::toU(path))
+ + ") failed",
+ {}, 0);
+ }
SHFILEINFOW info;
- if (SHGetFileInfoW(
- o3tl::toW(pathname.getStr()), 0, &info, sizeof info, SHGFI_EXETYPE)
- != 0)
+ if (SHGetFileInfoW(path, 0, &info, sizeof info, SHGFI_EXETYPE) != 0)
{
throw css::lang::IllegalArgumentException(
"XSystemShellExecute.execute, cannot process <" + aCommand + ">", {}, 0);
}
- if (SHGetFileInfoW(
- o3tl::toW(pathname.getStr()), 0, &info, sizeof info, SHGFI_ATTRIBUTES)
- == 0)
+ if (SHGetFileInfoW(path, 0, &info, sizeof info, SHGFI_ATTRIBUTES) == 0)
{
throw css::lang::IllegalArgumentException(
- "XSystemShellExecute.execute, SHGetFileInfoW(" + pathname + ") failed", {},
+ "XSystemShellExecute.execute, SHGetFileInfoW(" + OUString(o3tl::toU(path)) + ") failed", {},
0);
}
if ((info.dwAttributes & SFGAO_LINK) == 0) {
@@ -299,7 +312,7 @@ void SAL_CALL CSysShExec::execute( const OUString& aCommand, const OUString& aPa
+ o3tl::runtimeToOUString(e3.what())),
{}, 0);
}
- e2 = file->Load(o3tl::toW(pathname.getStr()), STGM_READ);
+ e2 = file->Load(path, STGM_READ);
if (FAILED(e2)) {
throw css::lang::IllegalArgumentException(
("XSystemShellExecute.execute, IPersistFile.Load failed with "
@@ -313,16 +326,14 @@ void SAL_CALL CSysShExec::execute( const OUString& aCommand, const OUString& aPa
+ OUString::number(e2)),
{}, 0);
}
- wchar_t path[MAX_PATH];
WIN32_FIND_DATAW wfd;
- e2 = link->GetPath(path, MAX_PATH, &wfd, SLGP_RAWPATH);
+ e2 = link->GetPath(path, SAL_N_ELEMENTS(path), &wfd, SLGP_RAWPATH);
if (FAILED(e2)) {
throw css::lang::IllegalArgumentException(
("XSystemShellExecute.execute, IShellLink.GetPath failed with "
+ OUString::number(e2)),
{}, 0);
}
- pathname = o3tl::toU(path);
// Fail at some arbitrary nesting depth, to avoid an infinite loop:
if (i == 30) {
throw css::lang::IllegalArgumentException(
@@ -330,6 +341,7 @@ void SAL_CALL CSysShExec::execute( const OUString& aCommand, const OUString& aPa
{}, 0);
}
}
+ pathname = o3tl::toU(path);
auto const n = pathname.lastIndexOf('.');
if (n > pathname.lastIndexOf('\\')) {
auto const ext = pathname.copy(n + 1);
More information about the Libreoffice-commits
mailing list