(PUP-10943) Puppet read registry until WCHAR_NULL #8533
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
On Windows, it is possible to have a registry that contains corrupted data after the WCHAR_NULL characters, that can break puppet when reading the registy. Part of the fix was done in PUP-10536, but when the WCHAR_NULL from the registry is \u0000 instead of \u0000\u0000, the split did not work. Now WCHAR_NULL is forced encoded to UTF-16LE, meaning `\u000` so puppet will now stop at the WCHAR_NULL char. The initial issue can be reproduced by importing file.reg using `reg import .\file.reg` ----file.reg---- Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PUP105360000] "DisplayName"="PUP105" "DisplayVersion"=hex(2):32,0,0,0,f3,23,8a,bc,fa,7f,0,0,10,65,74,b9,fa,7f,0,0,90,d8,55,6f,59
GabrielNagy
approved these changes
Mar 9, 2021
This was referenced Mar 17, 2021
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
On Windows, it is possible to have a registry that contains corrupted
data after the WCHAR_NULL characters, that can break puppet when reading
the registy.
Part of the fix was done in PUP-10536, but when the WCHAR_NULL from the
registry is \u0000 instead of \u0000\u0000, the split did not work.
Now WCHAR_NULL is forced encoded to UTF-16LE, meaning
\u000so puppetwill now stop at the WCHAR_NULL char.
The initial issue can be reproduced by importing file.reg using
reg import .\file.reg----file.reg----
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PUP105360000]
"DisplayName"="PUP105"
"DisplayVersion"=hex(2):32,0,0,0,f3,23,8a,bc,fa,7f,0,0,10,65,74,b9,fa,7f,0,0,90,d8,55,6f,59