diff --git a/src/bled/decompress_bunzip2.c b/src/bled/decompress_bunzip2.c index 913051f5..8facca53 100644 --- a/src/bled/decompress_bunzip2.c +++ b/src/bled/decompress_bunzip2.c @@ -680,6 +680,8 @@ int FAST_FUNC start_bunzip(bunzip_data **bdp, int in_fd, /* Allocate bunzip_data. Most fields initialize to zero. */ bd = *bdp = xzalloc(i); + if (bd == NULL) + return -1; /* Setup input buffer */ bd->in_fd = in_fd; @@ -743,6 +745,8 @@ unpack_bz2_stream(transformer_state_t *xstate) return -1; outbuf = xmalloc(IOBUF_SIZE); + if (outbuf == NULL) + return -1; len = 0; while (1) { /* "Process one BZ... stream" loop */ diff --git a/src/bled/decompress_gunzip.c b/src/bled/decompress_gunzip.c index f163485e..69aeaabf 100644 --- a/src/bled/decompress_gunzip.c +++ b/src/bled/decompress_gunzip.c @@ -1039,6 +1039,8 @@ inflate_unzip(transformer_state_t *xstate) DECLARE_STATE; ALLOC_STATE; + if (state == NULL) + return -1; to_read = xstate->bytes_in; // bytebuffer_max = 0x8000; @@ -1212,9 +1214,13 @@ unpack_gz_stream(transformer_state_t *xstate) total = 0; ALLOC_STATE; + if (state == NULL) + return -1; to_read = -1; // bytebuffer_max = 0x8000; bytebuffer = xmalloc(bytebuffer_max); + if (bytebuffer == NULL) + return -1; gunzip_src_fd = xstate->src_fd; again: diff --git a/src/bled/decompress_unlzma.c b/src/bled/decompress_unlzma.c index 049d3651..55e5d9ef 100644 --- a/src/bled/decompress_unlzma.c +++ b/src/bled/decompress_unlzma.c @@ -79,6 +79,8 @@ static ALWAYS_INLINE rc_t* rc_init(int fd) /*, int buffer_size) */ rc_t *rc; rc = xzalloc(sizeof(*rc) + RC_BUFFER_SIZE); + if (rc == NULL) + return NULL; rc->fd = fd; /* rc->ptr = rc->buffer_end; */ diff --git a/src/bled/decompress_unzip.c b/src/bled/decompress_unzip.c index 66a82f15..8c8fcad4 100644 --- a/src/bled/decompress_unzip.c +++ b/src/bled/decompress_unzip.c @@ -169,6 +169,8 @@ static uint32_t find_cdf_offset(int fd) off_t end; unsigned char *buf = xzalloc(PEEK_FROM_END); + if (buf == NULL) + return 0; end = lseek(fd, 0, SEEK_END); end -= PEEK_FROM_END; if (end < 0) @@ -216,7 +218,8 @@ static uint32_t read_next_cdf(int fd, uint32_t cdf_offset, cdf_header_t *cdf_ptr if (cdf_offset != BAD_CDF_OFFSET) { lseek(fd, cdf_offset + 4, SEEK_SET); - _read(fd, cdf_ptr->raw, CDF_HEADER_LEN); + if (_read(fd, cdf_ptr->raw, CDF_HEADER_LEN) != CDF_HEADER_LEN) + return 0; FIX_ENDIANNESS_CDF(*cdf_ptr); cdf_offset += 4 + CDF_HEADER_LEN + cdf_ptr->formatted.file_name_length diff --git a/src/bled/init_handle.c b/src/bled/init_handle.c index cbae06ac..92a1cfa6 100644 --- a/src/bled/init_handle.c +++ b/src/bled/init_handle.c @@ -12,6 +12,8 @@ archive_handle_t* FAST_FUNC init_handle(void) /* Initialize default values */ archive_handle = xzalloc(sizeof(archive_handle_t)); + if (archive_handle == NULL) + return NULL; archive_handle->file_header = xzalloc(sizeof(file_header_t)); archive_handle->action_header = header_skip; archive_handle->action_data = data_skip; diff --git a/src/format.c b/src/format.c index c73100d6..b6642d06 100644 --- a/src/format.c +++ b/src/format.c @@ -1478,12 +1478,12 @@ static BOOL WriteDrive(HANDLE hPhysicalDrive, HANDLE hSourceImage) { BOOL s, ret = FALSE; LARGE_INTEGER li; - DWORD rSize, wSize, xSize, BufSize; + DWORD i, rSize, wSize, xSize, BufSize; uint64_t wb, target_size = hSourceImage?img_report.image_size:SelectedDrive.DiskSize; int64_t bled_ret; - uint8_t *buffer = NULL; - uint8_t *cmp_buffer = NULL; - int i, *ptr, zero_data, throttle_fast_zeroing = 0; + uint8_t* buffer = NULL; + uint32_t zero_data, *cmp_buffer = NULL; + int throttle_fast_zeroing = 0; if (SelectedDrive.SectorSize < 512) { uprintf("Unexpected sector size (%d) - Aborting", SelectedDrive.SectorSize); @@ -1539,13 +1539,15 @@ static BOOL WriteDrive(HANDLE hPhysicalDrive, HANDLE hSourceImage) // Clear buffer memset(buffer, fast_zeroing ? 0xff : 0x00, BufSize); - cmp_buffer = (uint8_t*)_mm_malloc(BufSize, SelectedDrive.SectorSize); - if (cmp_buffer == NULL) { - FormatStatus = ERROR_SEVERITY_ERROR | FAC(FACILITY_STORAGE) | ERROR_NOT_ENOUGH_MEMORY; - uprintf("Could not allocate disk comparison buffer"); - goto out; + if (fast_zeroing) { + cmp_buffer = (uint32_t*)_mm_malloc(BufSize, SelectedDrive.SectorSize); + if (cmp_buffer == NULL) { + FormatStatus = ERROR_SEVERITY_ERROR | FAC(FACILITY_STORAGE) | ERROR_NOT_ENOUGH_MEMORY; + uprintf("Could not allocate disk comparison buffer"); + goto out; + } + assert((uintptr_t)cmp_buffer % SelectedDrive.SectorSize == 0); } - assert((uintptr_t)cmp_buffer % SelectedDrive.SectorSize == 0); // Don't bother trying for something clever, using double buffering overlapped and whatnot: // With Windows' default optimizations, sync read + sync write for sequential operations @@ -1585,22 +1587,17 @@ static BOOL WriteDrive(HANDLE hPhysicalDrive, HANDLE hSourceImage) // Read block and compare against the block that needs to be written s = ReadFile(hPhysicalDrive, cmp_buffer, rSize, &xSize, NULL); if ((!s) || (xSize != rSize) ) { - uprintf("Read error: Could not read data for comparison - %s", WindowsErrorString()); + uprintf("Read error: Could not read data for fast zeroing comparison - %s", WindowsErrorString()); goto out; } - // Check for an empty block - ptr = (int*)(cmp_buffer); - // Get first element - zero_data = ptr[0]; + // Check for an empty block by comparing with the first element + zero_data = cmp_buffer[0]; // Check all bits are the same - if ((zero_data == 0) || (zero_data == -1)) { + if ((zero_data == 0) || (zero_data == 0xffffffff)) { // Compare the rest of the block against the first element - for (i = 1; i < (int)(rSize / sizeof(int)); i++) { - if (ptr[i] != zero_data) - break; - } - if (i >= (int)(rSize / sizeof(int))) { + for (i = 1; (i < rSize / sizeof(uint32_t)) && (cmp_buffer[i] == zero_data); i++); + if (i >= rSize / sizeof(uint32_t)) { // Block is empty, skip write wSize = rSize; continue; diff --git a/src/net.c b/src/net.c index 77fbcc9b..375f9536 100644 --- a/src/net.c +++ b/src/net.c @@ -985,13 +985,21 @@ static DWORD WINAPI DownloadISOThread(LPVOID param) close_fido_cookie_prompts = FALSE; if ((dwExitCode == 0) && PeekNamedPipe(hPipe, NULL, dwPipeSize, NULL, &dwAvail, NULL) && (dwAvail != 0)) { url = malloc(dwAvail + 1); + dwSize = 0; if ((url != NULL) && ReadFile(hPipe, url, dwAvail, &dwSize, NULL) && (dwSize > 4)) { #else { { url = strdup(FORCE_URL); dwSize = (DWORD)strlen(FORCE_URL); #endif IMG_SAVE img_save = { 0 }; - url[dwSize] = 0; +// WTF is wrong with Microsoft's static analyzer reporting a potential buffer overflow here?!? +#if defined(_MSC_VER) +#pragma warning(disable: 6386) +#endif + url[min(dwSize, dwAvail)] = 0; +#if defined(_MSC_VER) +#pragma warning(default: 6386) +#endif EXT_DECL(img_ext, GetShortName(url), __VA_GROUP__("*.iso"), __VA_GROUP__(lmprintf(MSG_036))); img_save.Type = IMG_SAVE_TYPE_ISO; img_save.ImagePath = FileDialog(TRUE, NULL, &img_ext, 0); diff --git a/src/rufus.rc b/src/rufus.rc index 15b5d291..c076f7c5 100644 --- a/src/rufus.rc +++ b/src/rufus.rc @@ -33,7 +33,7 @@ LANGUAGE LANG_NEUTRAL, SUBLANG_NEUTRAL IDD_DIALOG DIALOGEX 12, 12, 232, 326 STYLE DS_SETFONT | DS_MODALFRAME | DS_CENTER | WS_MINIMIZEBOX | WS_POPUP | WS_CAPTION | WS_SYSMENU EXSTYLE WS_EX_ACCEPTFILES -CAPTION "Rufus 3.13.1715" +CAPTION "Rufus 3.13.1716" FONT 9, "Segoe UI Symbol", 400, 0, 0x0 BEGIN LTEXT "Drive Properties",IDS_DRIVE_PROPERTIES_TXT,8,6,53,12,NOT WS_GROUP @@ -395,8 +395,8 @@ END // VS_VERSION_INFO VERSIONINFO - FILEVERSION 3,13,1715,0 - PRODUCTVERSION 3,13,1715,0 + FILEVERSION 3,13,1716,0 + PRODUCTVERSION 3,13,1716,0 FILEFLAGSMASK 0x3fL #ifdef _DEBUG FILEFLAGS 0x1L @@ -414,13 +414,13 @@ BEGIN VALUE "Comments", "https://rufus.ie" VALUE "CompanyName", "Akeo Consulting" VALUE "FileDescription", "Rufus" - VALUE "FileVersion", "3.13.1715" + VALUE "FileVersion", "3.13.1716" VALUE "InternalName", "Rufus" VALUE "LegalCopyright", "© 2011-2020 Pete Batard (GPL v3)" VALUE "LegalTrademarks", "https://www.gnu.org/licenses/gpl-3.0.html" VALUE "OriginalFilename", "rufus-3.13.exe" VALUE "ProductName", "Rufus" - VALUE "ProductVersion", "3.13.1715" + VALUE "ProductVersion", "3.13.1716" END END BLOCK "VarFileInfo"