Client code - Bug 1234401 - check that the patch dir subdirectory is valid. r=mhowell

2024-11-24 05:11:16 +00:00 · 2017-04-28 16:37:37 -07:00 · 2017-04-28 16:37:37 -07:00 · 35aaed5fff
commit 35aaed5fff
parent d83fb7cf3d
1 changed files with 16 additions and 0 deletions
--- a/toolkit/components/maintenanceservice/workmonitor.cpp
+++ b/toolkit/components/maintenanceservice/workmonitor.cpp
@ -25,6 +25,8 @@
 #include "pathhash.h"
 #include "errors.h"

+#define PATCH_DIR_PATH L"\\updates\\0"
+
 // Wait 15 minutes for an update operation to run at most.
 // Updates usually take less than a minute so this seems like a
 // significantly large and safe amount of time to wait.
@ -596,6 +598,20 @@ ExecuteServiceCommand(int argc, LPWSTR *argv)
      return FALSE;
    }

+    // The patch directory path must end with updates\0 to use the maintenance
+    // service.
+    size_t fullPathLen = NS_tstrlen(argv[4]);
+    size_t relPathLen = NS_tstrlen(PATCH_DIR_PATH);
+    if (relPathLen > fullPathLen) {
+      LOG_WARN(("The patch directory path length is not valid for this application."));
+      return FALSE;
+    }
+
+    if (_wcsnicmp(argv[4] + fullPathLen - relPathLen, PATCH_DIR_PATH, relPathLen) != 0) {
+      LOG_WARN(("The patch directory path subdirectory is not valid for this application."));
+      return FALSE;
+    }
+
    // This check is also performed in updater.cpp and is performed here
    // as well since the maintenance service can be called directly.
    if (argc < 5 || !IsValidFullPath(argv[5])) {