[Backport 7.x] (PUP-11122) Ensure reg values are null terminated #9219

Merged
merged 2 commits into from
Jan 24, 2024

Conversation

github-actions[bot]

Description

Backport of #9205 to 7.x.

(cherry picked from commit 493a8b7)
RegQueryValueExW doesn't guarantee the returned buffer for the `lpData`
parameter is null terminated, so ensure that it is.

When retrieving a registry value of type REG_SZ or REG_EXPAND_SZ extend the
buffer by 1 wchar (2 bytes) so we can always write a wchar null terminator that
is guaranteed not to overwrite user data.

The resulting wchar array is then guaranteed to be properly wchar null
terminated:

    \u0041
    \u0042
    \u0000

which when UTF-16LE encoded will result in the byte array:

    \x41 \x00
    \x42 \x00
    \x00 \x00

If Windows does null terminate, then we will add an additional wchar null
terminator, which won't hurt anything.

The same applies to REG_MULTI_SZ, except it is supposed to have two wchar null
terminators, for a total of 4 bytes. One terminator is for the last string in
the array, and one terminator is for the entire array. For example, if the array
contains the strings ['A', 'B'] and Windows does not null terminate the
`lpData` buffer, then the resulting UTF-16LE encoded byte array will contain:

    \x41 \x00
    \x00 \x00
    \x42 \x00
    \x00 \x00
    \x00 \x00

(cherry picked from commit 25a33df)
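
The buffer handling described in the commit message above, as an added Ruby example that is not part of this pull request or of Puppet's code. It makes no Windows API call: the byte strings are constructed samples standing in for the `lpData` contents, and all helper names (`terminate`, `read_wstring`, `read_sz`, `read_multi_sz`, `hex`) are hypothetical.

```ruby
# Added illustration, not Puppet's code. The byte strings below are constructed
# samples standing in for what RegQueryValueExW writes to lpData.
WCHAR_NULL = "\x00\x00".b

# Extend the data by one wchar null (REG_SZ, REG_EXPAND_SZ) or two
# (REG_MULTI_SZ), so a terminator exists whether or not Windows wrote one.
def terminate(raw, multi: false)
  raw.b + WCHAR_NULL * (multi ? 2 : 1)
end

# Read one wide string starting at code unit +pos+. Raises instead of
# running past the end when no wchar null is found.
def read_wstring(units, pos = 0)
  len = units[pos..].index(0)
  raise ArgumentError, 'no wchar null terminator in buffer' if len.nil?
  text = units[pos, len].pack('v*').force_encoding('UTF-16LE').encode('UTF-8')
  [text, pos + len + 1]
end

def read_sz(raw)
  read_wstring(terminate(raw).unpack('v*')).first
end

# Strings are read until the empty string that terminates the whole array.
def read_multi_sz(raw)
  units = terminate(raw, multi: true).unpack('v*')
  strings = []
  pos = 0
  loop do
    text, pos = read_wstring(units, pos)
    break if text.empty?
    strings << text
  end
  strings
end

# Render bytes in the same \xNN notation the commit message uses.
def hex(bytes)
  bytes.unpack('C*').map { |b| format('\\x%02x', b) }.join(' ')
end

SZ_RAW    = 'AB'.encode('UTF-16LE').b    # constructed: "AB", no terminator
MULTI_RAW = "A\0B".encode('UTF-16LE').b  # constructed: "A", null, "B", no terminator
```

Passing an already terminated buffer through `read_sz` or `read_multi_sz` returns the same strings, which is the "won't hurt anything" case from the commit message.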
@puppetlabs-jenkins
Collaborator

Can one of the admins verify this patch?

@joshcooper joshcooper closed this Jan 24, 2024
@joshcooper joshcooper reopened this Jan 24, 2024
@joshcooper joshcooper merged commit 52903c2 into 7.x Jan 24, 2024
@joshcooper joshcooper deleted the backport-9205-to-7.x branch January 24, 2024 03:54
@mhashizume mhashizume added the bug Something isn't working label Jan 30, 2024