Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

98 lines
1.9 KiB

  1. #include <windows.h>
  2. #include <wincrypt.h>
  3. #include <autoenr.h>
  4. #include <cryptui.h>
  5. #include <stdio.h>
  6. #include <certca.h>
  7. #include <stdlib.h>
  8. #define wszInvalidFileAndKeyChars L"<>\"/\\:|?*"
  9. #define wszUnsafeURLChars L"#\"&<>[]^`{}|"
  10. #define wszUnsafeDSChars L"()='\"`,;+"
  11. #define wszSANITIZEESCAPECHAR L"!"
  12. #define wszURLESCAPECHAR L"%"
  13. #define wcSANITIZEESCAPECHAR L'!'
  14. BOOL
  15. myIsCharSanitized(
  16. IN WCHAR wc)
  17. {
  18. BOOL fCharOk = TRUE;
  19. if (L' ' > wc ||
  20. L'~' < wc ||
  21. NULL != wcschr(
  22. wszInvalidFileAndKeyChars
  23. wszUnsafeURLChars
  24. wszSANITIZEESCAPECHAR
  25. wszURLESCAPECHAR
  26. wszUnsafeDSChars,
  27. wc))
  28. {
  29. fCharOk = FALSE;
  30. }
  31. return(fCharOk);
  32. }
  33. PWCHAR
  34. mySanitizeName(
  35. IN WCHAR const *pwszName
  36. )
  37. {
  38. HRESULT hr = S_OK;
  39. WCHAR const *pwszPassedName;
  40. WCHAR *pwszDst;
  41. WCHAR *pwszOut = NULL;
  42. WCHAR wcChar;
  43. DWORD dwSize;
  44. pwszPassedName = pwszName;
  45. dwSize = 0;
  46. if (NULL == pwszName)
  47. {
  48. return NULL;
  49. }
  50. while (L'\0' != (wcChar = *pwszPassedName++))
  51. {
  52. if (myIsCharSanitized(wcChar))
  53. {
  54. dwSize++;
  55. }
  56. else
  57. {
  58. dwSize += 5; // format !XXXX
  59. }
  60. }
  61. if (0 == dwSize)
  62. {
  63. return NULL;
  64. }
  65. pwszOut = (WCHAR *) LocalAlloc(LMEM_ZEROINIT, (dwSize + 1) * sizeof(WCHAR));
  66. if (NULL == pwszOut)
  67. {
  68. return NULL;
  69. }
  70. pwszDst = pwszOut;
  71. while (L'\0' != (wcChar = *pwszName++))
  72. {
  73. if (myIsCharSanitized(wcChar))
  74. {
  75. *pwszDst = wcChar;
  76. pwszDst++;
  77. }
  78. else
  79. {
  80. wsprintf(pwszDst, L"%ws", wszSANITIZEESCAPECHAR);
  81. pwszDst++;
  82. wsprintf(pwszDst, L"%04x", wcChar);
  83. pwszDst += 4;
  84. }
  85. }
  86. *pwszDst = wcChar; // L'\0' terminator
  87. return pwszOut;
  88. }