diff options
Diffstat (limited to 'src/engine/variable.cpp')
| -rw-r--r-- | src/engine/variable.cpp | 114 |
1 files changed, 75 insertions, 39 deletions
diff --git a/src/engine/variable.cpp b/src/engine/variable.cpp index 3425b92c..8b6b318b 100644 --- a/src/engine/variable.cpp +++ b/src/engine/variable.cpp | |||
| @@ -54,7 +54,14 @@ static HRESULT FormatString( | |||
| 54 | __in_z LPCWSTR wzIn, | 54 | __in_z LPCWSTR wzIn, |
| 55 | __out_z_opt LPWSTR* psczOut, | 55 | __out_z_opt LPWSTR* psczOut, |
| 56 | __out_opt DWORD* pcchOut, | 56 | __out_opt DWORD* pcchOut, |
| 57 | __in BOOL fObfuscateHiddenVariables | 57 | __in BOOL fObfuscateHiddenVariables, |
| 58 | __out BOOL* pfContainsHiddenVariable | ||
| 59 | ); | ||
| 60 | static HRESULT GetFormatted( | ||
| 61 | __in BURN_VARIABLES* pVariables, | ||
| 62 | __in_z LPCWSTR wzVariable, | ||
| 63 | __out_z LPWSTR* psczValue, | ||
| 64 | __out BOOL* pfContainsHiddenVariable | ||
| 58 | ); | 65 | ); |
| 59 | static HRESULT AddBuiltInVariable( | 66 | static HRESULT AddBuiltInVariable( |
| 60 | __in BURN_VARIABLES* pVariables, | 67 | __in BURN_VARIABLES* pVariables, |
| @@ -629,43 +636,18 @@ LExit: | |||
| 629 | extern "C" HRESULT VariableGetFormatted( | 636 | extern "C" HRESULT VariableGetFormatted( |
| 630 | __in BURN_VARIABLES* pVariables, | 637 | __in BURN_VARIABLES* pVariables, |
| 631 | __in_z LPCWSTR wzVariable, | 638 | __in_z LPCWSTR wzVariable, |
| 632 | __out_z LPWSTR* psczValue | 639 | __out_z LPWSTR* psczValue, |
| 640 | __out BOOL* pfContainsHiddenVariable | ||
| 633 | ) | 641 | ) |
| 634 | { | 642 | { |
| 635 | HRESULT hr = S_OK; | 643 | HRESULT hr = S_OK; |
| 636 | BURN_VARIABLE* pVariable = NULL; | ||
| 637 | LPWSTR scz = NULL; | ||
| 638 | |||
| 639 | ::EnterCriticalSection(&pVariables->csAccess); | ||
| 640 | 644 | ||
| 641 | hr = GetVariable(pVariables, wzVariable, &pVariable); | 645 | if (pfContainsHiddenVariable) |
| 642 | if (SUCCEEDED(hr) && BURN_VARIANT_TYPE_NONE == pVariable->Value.Type) | ||
| 643 | { | 646 | { |
| 644 | ExitFunction1(hr = E_NOTFOUND); | 647 | *pfContainsHiddenVariable = FALSE; |
| 645 | } | ||
| 646 | else if (E_NOTFOUND == hr) | ||
| 647 | { | ||
| 648 | ExitFunction(); | ||
| 649 | } | 648 | } |
| 650 | ExitOnFailure(hr, "Failed to get variable: %ls", wzVariable); | ||
| 651 | 649 | ||
| 652 | if (BURN_VARIANT_TYPE_FORMATTED == pVariable->Value.Type) | 650 | hr = GetFormatted(pVariables, wzVariable, psczValue, pfContainsHiddenVariable); |
| 653 | { | ||
| 654 | hr = BVariantGetString(&pVariable->Value, &scz); | ||
| 655 | ExitOnFailure(hr, "Failed to get unformatted string."); | ||
| 656 | |||
| 657 | hr = VariableFormatString(pVariables, scz, psczValue, NULL); | ||
| 658 | ExitOnFailure(hr, "Failed to format value '%ls' of variable: %ls", pVariable->fHidden ? L"*****" : pVariable->Value.sczValue, wzVariable); | ||
| 659 | } | ||
| 660 | else | ||
| 661 | { | ||
| 662 | hr = BVariantGetString(&pVariable->Value, psczValue); | ||
| 663 | ExitOnFailure(hr, "Failed to get value as string for variable: %ls", wzVariable); | ||
| 664 | } | ||
| 665 | |||
| 666 | LExit: | ||
| 667 | ::LeaveCriticalSection(&pVariables->csAccess); | ||
| 668 | StrSecureZeroFreeString(scz); | ||
| 669 | 651 | ||
| 670 | return hr; | 652 | return hr; |
| 671 | } | 653 | } |
| @@ -736,7 +718,7 @@ extern "C" HRESULT VariableFormatString( | |||
| 736 | __out_opt DWORD* pcchOut | 718 | __out_opt DWORD* pcchOut |
| 737 | ) | 719 | ) |
| 738 | { | 720 | { |
| 739 | return FormatString(pVariables, wzIn, psczOut, pcchOut, FALSE); | 721 | return FormatString(pVariables, wzIn, psczOut, pcchOut, FALSE, NULL); |
| 740 | } | 722 | } |
| 741 | 723 | ||
| 742 | extern "C" HRESULT VariableFormatStringObfuscated( | 724 | extern "C" HRESULT VariableFormatStringObfuscated( |
| @@ -746,7 +728,7 @@ extern "C" HRESULT VariableFormatStringObfuscated( | |||
| 746 | __out_opt DWORD* pcchOut | 728 | __out_opt DWORD* pcchOut |
| 747 | ) | 729 | ) |
| 748 | { | 730 | { |
| 749 | return FormatString(pVariables, wzIn, psczOut, pcchOut, TRUE); | 731 | return FormatString(pVariables, wzIn, psczOut, pcchOut, TRUE, NULL); |
| 750 | } | 732 | } |
| 751 | 733 | ||
| 752 | extern "C" HRESULT VariableEscapeString( | 734 | extern "C" HRESULT VariableEscapeString( |
| @@ -1116,7 +1098,8 @@ static HRESULT FormatString( | |||
| 1116 | __in_z LPCWSTR wzIn, | 1098 | __in_z LPCWSTR wzIn, |
| 1117 | __out_z_opt LPWSTR* psczOut, | 1099 | __out_z_opt LPWSTR* psczOut, |
| 1118 | __out_opt DWORD* pcchOut, | 1100 | __out_opt DWORD* pcchOut, |
| 1119 | __in BOOL fObfuscateHiddenVariables | 1101 | __in BOOL fObfuscateHiddenVariables, |
| 1102 | __out BOOL* pfContainsHiddenVariable | ||
| 1120 | ) | 1103 | ) |
| 1121 | { | 1104 | { |
| 1122 | HRESULT hr = S_OK; | 1105 | HRESULT hr = S_OK; |
| @@ -1204,20 +1187,22 @@ static HRESULT FormatString( | |||
| 1204 | } | 1187 | } |
| 1205 | else | 1188 | else |
| 1206 | { | 1189 | { |
| 1207 | if (fObfuscateHiddenVariables) | 1190 | hr = VariableIsHidden(pVariables, scz, &fHidden); |
| 1191 | ExitOnFailure(hr, "Failed to determine variable visibility: '%ls'.", scz); | ||
| 1192 | |||
| 1193 | if (pfContainsHiddenVariable) | ||
| 1208 | { | 1194 | { |
| 1209 | hr = VariableIsHidden(pVariables, scz, &fHidden); | 1195 | *pfContainsHiddenVariable |= fHidden; |
| 1210 | ExitOnFailure(hr, "Failed to determine variable visibility: '%ls'.", scz); | ||
| 1211 | } | 1196 | } |
| 1212 | 1197 | ||
| 1213 | if (fHidden) | 1198 | if (fObfuscateHiddenVariables && fHidden) |
| 1214 | { | 1199 | { |
| 1215 | hr = StrAllocString(&rgVariables[cVariables], L"*****", 0); | 1200 | hr = StrAllocString(&rgVariables[cVariables], L"*****", 0); |
| 1216 | } | 1201 | } |
| 1217 | else | 1202 | else |
| 1218 | { | 1203 | { |
| 1219 | // get formatted variable value | 1204 | // get formatted variable value |
| 1220 | hr = VariableGetFormatted(pVariables, scz, &rgVariables[cVariables]); | 1205 | hr = GetFormatted(pVariables, scz, &rgVariables[cVariables], pfContainsHiddenVariable); |
| 1221 | if (E_NOTFOUND == hr) // variable not found | 1206 | if (E_NOTFOUND == hr) // variable not found |
| 1222 | { | 1207 | { |
| 1223 | hr = StrAllocStringSecure(&rgVariables[cVariables], L"", 0); | 1208 | hr = StrAllocStringSecure(&rgVariables[cVariables], L"", 0); |
| @@ -1327,6 +1312,57 @@ LExit: | |||
| 1327 | return hr; | 1312 | return hr; |
| 1328 | } | 1313 | } |
| 1329 | 1314 | ||
| 1315 | // The contents of psczOut may be sensitive, should keep encrypted and SecureZeroFree. | ||
| 1316 | static HRESULT GetFormatted( | ||
| 1317 | __in BURN_VARIABLES* pVariables, | ||
| 1318 | __in_z LPCWSTR wzVariable, | ||
| 1319 | __out_z LPWSTR* psczValue, | ||
| 1320 | __out BOOL* pfContainsHiddenVariable | ||
| 1321 | ) | ||
| 1322 | { | ||
| 1323 | HRESULT hr = S_OK; | ||
| 1324 | BURN_VARIABLE* pVariable = NULL; | ||
| 1325 | LPWSTR scz = NULL; | ||
| 1326 | |||
| 1327 | ::EnterCriticalSection(&pVariables->csAccess); | ||
| 1328 | |||
| 1329 | hr = GetVariable(pVariables, wzVariable, &pVariable); | ||
| 1330 | if (SUCCEEDED(hr) && BURN_VARIANT_TYPE_NONE == pVariable->Value.Type) | ||
| 1331 | { | ||
| 1332 | ExitFunction1(hr = E_NOTFOUND); | ||
| 1333 | } | ||
| 1334 | else if (E_NOTFOUND == hr) | ||
| 1335 | { | ||
| 1336 | ExitFunction(); | ||
| 1337 | } | ||
| 1338 | ExitOnFailure(hr, "Failed to get variable: %ls", wzVariable); | ||
| 1339 | |||
| 1340 | if (pfContainsHiddenVariable) | ||
| 1341 | { | ||
| 1342 | *pfContainsHiddenVariable |= pVariable->fHidden; | ||
| 1343 | } | ||
| 1344 | |||
| 1345 | if (BURN_VARIANT_TYPE_FORMATTED == pVariable->Value.Type) | ||
| 1346 | { | ||
| 1347 | hr = BVariantGetString(&pVariable->Value, &scz); | ||
| 1348 | ExitOnFailure(hr, "Failed to get unformatted string."); | ||
| 1349 | |||
| 1350 | hr = FormatString(pVariables, scz, psczValue, NULL, FALSE, pfContainsHiddenVariable); | ||
| 1351 | ExitOnFailure(hr, "Failed to format value '%ls' of variable: %ls", pVariable->fHidden ? L"*****" : pVariable->Value.sczValue, wzVariable); | ||
| 1352 | } | ||
| 1353 | else | ||
| 1354 | { | ||
| 1355 | hr = BVariantGetString(&pVariable->Value, psczValue); | ||
| 1356 | ExitOnFailure(hr, "Failed to get value as string for variable: %ls", wzVariable); | ||
| 1357 | } | ||
| 1358 | |||
| 1359 | LExit: | ||
| 1360 | ::LeaveCriticalSection(&pVariables->csAccess); | ||
| 1361 | StrSecureZeroFreeString(scz); | ||
| 1362 | |||
| 1363 | return hr; | ||
| 1364 | } | ||
| 1365 | |||
| 1330 | static HRESULT AddBuiltInVariable( | 1366 | static HRESULT AddBuiltInVariable( |
| 1331 | __in BURN_VARIABLES* pVariables, | 1367 | __in BURN_VARIABLES* pVariables, |
| 1332 | __in LPCWSTR wzVariable, | 1368 | __in LPCWSTR wzVariable, |