Skip to content

Commit

Permalink
[md5sum] fix md5sum computation for the setup wrapper
Browse files Browse the repository at this point in the history
* Also fix a couple small memory leaks and potential NULL deref.
* Also report saved path when saving to image.
  • Loading branch information
pbatard committed Oct 10, 2024
1 parent ede52c5 commit 5439ca8
Show file tree
Hide file tree
Showing 7 changed files with 42 additions and 23 deletions.
18 changes: 8 additions & 10 deletions src/hash.c
Original file line number Diff line number Diff line change
Expand Up @@ -2158,9 +2158,11 @@ static BOOL IsRevokedBySvn(uint8_t* buf, uint32_t len)
if (rsrc_rva != 0) {
if (rsrc_len == sizeof(uint32_t)) {
svn_ver = (uint32_t*)RvaToPhysical(buf, rsrc_rva);
uuprintf(" SVN version: %d.%d", *svn_ver >> 16, *svn_ver & 0xffff);
if (svn_ver != NULL && *svn_ver < sbat_entries[i].version)
return TRUE;
if (svn_ver != NULL) {
uuprintf(" SVN version: %d.%d", *svn_ver >> 16, *svn_ver & 0xffff);
if (*svn_ver < sbat_entries[i].version)
return TRUE;
}
} else {
uprintf("WARNING: Unexpected Secure Version Number size");
}
Expand Down Expand Up @@ -2264,12 +2266,12 @@ void UpdateMD5Sum(const char* dest_dir, const char* md5sum_name)
char *md5_data = NULL, *new_data = NULL, *str_pos, *d, *s, *p;

if (!img_report.has_md5sum && !validate_md5sum)
goto out;
return;

static_sprintf(md5_path, "%s\\%s", dest_dir, md5sum_name);
md5_size = read_file(md5_path, (uint8_t**)&md5_data);
if (md5_size == 0)
goto out;
return;

for (i = 0; i < modified_files.Index; i++) {
for (j = 0; j < (uint32_t)strlen(modified_files.String[i]); j++)
Expand Down Expand Up @@ -2301,7 +2303,7 @@ void UpdateMD5Sum(const char* dest_dir, const char* md5sum_name)
new_data = malloc(md5_size + 1024);
assert(new_data != NULL);
if (new_data == NULL)
goto out;
return;
// Will be nonzero if we created the file, otherwise zero
if (md5sum_totalbytes != 0) {
snprintf(new_data, md5_size + 1024, "# md5sum_totalbytes = 0x%llx\n", md5sum_totalbytes);
Expand Down Expand Up @@ -2372,10 +2374,6 @@ void UpdateMD5Sum(const char* dest_dir, const char* md5sum_name)

write_file(md5_path, md5_data, md5_size);
free(md5_data);

out:
// We no longer need the string array at this stage
StrArrayDestroy(&modified_files);
}

#if defined(_DEBUG) || defined(TEST) || defined(ALPHA)
Expand Down
2 changes: 1 addition & 1 deletion src/iso.c
Original file line number Diff line number Diff line change
Expand Up @@ -1134,7 +1134,7 @@ BOOL ExtractISO(const char* src_iso, const char* dest_dir, BOOL scan)
last_nb_blocks = 0;
iso_blocking_status = 0;
symlinked_syslinux[0] = 0;
StrArrayCreate(&modified_files, 8);
StrArrayClear(&modified_files);
if (validate_md5sum) {
md5sum_totalbytes = 0;
// If there isn't an already existing md5sum.txt create one
Expand Down
2 changes: 2 additions & 0 deletions src/rufus.c
Original file line number Diff line number Diff line change
Expand Up @@ -2103,6 +2103,7 @@ static void InitDialog(HWND hDlg)
// Create the string arrays
StrArrayCreate(&BlockingProcessList, 16);
StrArrayCreate(&ImageList, 16);
StrArrayCreate(&modified_files, 8);
// Set various checkboxes
CheckDlgButton(hDlg, IDC_QUICK_FORMAT, BST_CHECKED);
CheckDlgButton(hDlg, IDC_EXTENDED_LABEL, BST_CHECKED);
Expand Down Expand Up @@ -2277,6 +2278,7 @@ static INT_PTR CALLBACK MainCallback(HWND hDlg, UINT message, WPARAM wParam, LPA
StopProcessSearch();
StrArrayDestroy(&BlockingProcessList);
StrArrayDestroy(&ImageList);
StrArrayDestroy(&modified_files);
DestroyAllTooltips();
DestroyWindow(hLogDialog);
GetWindowRect(hDlg, &relaunch_rc);
Expand Down
1 change: 1 addition & 0 deletions src/rufus.h
Original file line number Diff line number Diff line change
Expand Up @@ -710,6 +710,7 @@ extern unsigned long syslinux_ldlinux_len[2];
extern char ubuffer[UBUFFER_SIZE], embedded_sl_version_str[2][12];
extern char szFolderPath[MAX_PATH], app_dir[MAX_PATH], temp_dir[MAX_PATH], system_dir[MAX_PATH];
extern char sysnative_dir[MAX_PATH], app_data_dir[MAX_PATH], *image_path, *fido_url;
extern StrArray modified_files;

/*
* Shared prototypes
Expand Down
10 changes: 5 additions & 5 deletions src/rufus.rc
Original file line number Diff line number Diff line change
Expand Up @@ -33,7 +33,7 @@ LANGUAGE LANG_NEUTRAL, SUBLANG_NEUTRAL
IDD_DIALOG DIALOGEX 12, 12, 232, 326
STYLE DS_SETFONT | DS_MODALFRAME | DS_CENTER | WS_MINIMIZEBOX | WS_POPUP | WS_CAPTION | WS_SYSMENU
EXSTYLE WS_EX_ACCEPTFILES
CAPTION "Rufus 4.6.2203"
CAPTION "Rufus 4.6.2204"
FONT 9, "Segoe UI Symbol", 400, 0, 0x0
BEGIN
LTEXT "Drive Properties",IDS_DRIVE_PROPERTIES_TXT,8,6,53,12,NOT WS_GROUP
Expand Down Expand Up @@ -399,8 +399,8 @@ END
//

VS_VERSION_INFO VERSIONINFO
FILEVERSION 4,6,2203,0
PRODUCTVERSION 4,6,2203,0
FILEVERSION 4,6,2204,0
PRODUCTVERSION 4,6,2204,0
FILEFLAGSMASK 0x3fL
#ifdef _DEBUG
FILEFLAGS 0x1L
Expand All @@ -418,13 +418,13 @@ BEGIN
VALUE "Comments", "https://rufus.ie"
VALUE "CompanyName", "Akeo Consulting"
VALUE "FileDescription", "Rufus"
VALUE "FileVersion", "4.6.2203"
VALUE "FileVersion", "4.6.2204"
VALUE "InternalName", "Rufus"
VALUE "LegalCopyright", "� 2011-2024 Pete Batard (GPL v3)"
VALUE "LegalTrademarks", "https://www.gnu.org/licenses/gpl-3.0.html"
VALUE "OriginalFilename", "rufus-4.6.exe"
VALUE "ProductName", "Rufus"
VALUE "ProductVersion", "4.6.2203"
VALUE "ProductVersion", "4.6.2204"
END
END
BLOCK "VarFileInfo"
Expand Down
10 changes: 7 additions & 3 deletions src/vhd.c
Original file line number Diff line number Diff line change
Expand Up @@ -729,7 +729,7 @@ BOOL WimExtractFile(const char* image, int index, const char* src, const char* d
/// <returns>TRUE if the index was found in the image, FALSE otherwise.</returns>
BOOL WimIsValidIndex(const char* image, int index)
{
int i = 1;
int i = 1, cur_index;
BOOL r = FALSE;
DWORD dw = 0;
HANDLE hWim = NULL;
Expand Down Expand Up @@ -768,7 +768,9 @@ BOOL WimIsValidIndex(const char* image, int index)
goto out;

while ((str = get_token_data_file_indexed("IMAGE INDEX", xml_file, i)) != NULL) {
if (atoi(str) == index) {
cur_index = atoi(str);
safe_free(str);
if (cur_index == index) {
r = TRUE;
break;
}
Expand Down Expand Up @@ -1061,7 +1063,7 @@ static DWORD WINAPI VhdSaveImageThread(void* param)

r = 0;
UpdateProgressWithInfo(OP_FORMAT, MSG_261, SelectedDrive.DiskSize, SelectedDrive.DiskSize);
uprintf("Operation complete.");
uprintf("Saved '%s'", img_save->ImagePath);

out:
safe_closehandle(overlapped.hEvent);
Expand Down Expand Up @@ -1100,6 +1102,8 @@ static DWORD WINAPI FfuSaveImageThread(void* param)
safe_free(img_save->DevicePath);
safe_free(img_save->ImagePath);
PostMessage(hMainDialog, UM_FORMAT_COMPLETED, (WPARAM)TRUE, 0);
if (!IS_ERROR(ErrorStatus))
uprintf("Saved '%s'", img_save->ImagePath);
ExitThread(r);
}

Expand Down
22 changes: 18 additions & 4 deletions src/wue.c
Original file line number Diff line number Diff line change
Expand Up @@ -806,12 +806,14 @@ BOOL ApplyWindowsCustomization(char drive_letter, int flags)
char appraiserres_dll_dst[] = "?:\\sources\\appraiserres.bak";
char setup_exe[] = "?:\\setup.exe";
char setup_dll[] = "?:\\setup.dll";
char md5sum_path[] = "?:\\md5sum.txt";
char *mount_path = NULL, path[MAX_PATH];
uint8_t* buf = NULL;
uint16_t setup_arch;
HKEY hKey = NULL, hSubKey = NULL;
LSTATUS status;
DWORD dwDisp, dwVal = 1, dwSize;
FILE* fd_md5sum;

assert(unattend_xml_path != NULL);
uprintf("Applying Windows customization:");
Expand Down Expand Up @@ -854,6 +856,7 @@ BOOL ApplyWindowsCustomization(char drive_letter, int flags)
if (img_report.win_version.build >= 26000) {
setup_exe[0] = drive_letter;
setup_dll[0] = drive_letter;
md5sum_path[0] = drive_letter;
dwSize = read_file(setup_exe, &buf);
if (dwSize != 0) {
setup_arch = GetPeArch(buf);
Expand All @@ -864,13 +867,24 @@ BOOL ApplyWindowsCustomization(char drive_letter, int flags)
uprintf("Could not rename '%s': %s", setup_exe, WindowsErrorString());
} else {
uprintf("Renamed '%s' → '%s'", setup_exe, setup_dll);
uprintf("Created '%s' bypass wrapper (from embedded)", setup_exe);
buf = GetResource(hMainInstance, MAKEINTRESOURCEA(setup_arch == IMAGE_FILE_MACHINE_AMD64 ? IDR_SETUP_X64 : IDR_SETUP_ARM64),
_RT_RCDATA, "setup.exe", &dwSize, FALSE);
if (buf == NULL)
if (buf == NULL) {
uprintf("Could not access embedded 'setup.exe'");
else
write_file(setup_exe, buf, dwSize);
} else if (write_file(setup_exe, buf, dwSize) == dwSize) {
uprintf("Created '%s' bypass wrapper (from embedded)", setup_exe);
if (validate_md5sum) {
if ((fd_md5sum = fopenU(md5sum_path, "ab")) != NULL) {
fprintf(fd_md5sum, "00000000000000000000000000000000 ./setup.dll\n");
fclose(fd_md5sum);
}
StrArrayAdd(&modified_files, setup_exe, TRUE);
StrArrayAdd(&modified_files, setup_dll, TRUE);
md5sum_totalbytes += dwSize;
}
} else {
uprintf("Could not create '%s' bypass wrapper", setup_exe);
}
}
}
}
Expand Down

0 comments on commit 5439ca8

Please sign in to comment.