Message-ID: <5221F186.5060808@hardfalcon.net>
Date: Sat, 31 Aug 2013 15:37:10 +0200
From: hardfalcon@...dfalcon.net
To: full-disclosure@...ts.grok.org.uk
Subject: Re: Defense in depth -- the Microsoft way (part 9): erroneous documentation
I am truly shocked that seemingly, stuff like this needs to be said in
the year of 2013. I'd have supposed that things like these should be
known by *anyone* doing anything even remotely similar to software
development *at least* since the end of the 8.3 filename era 15 years
ago. Are you sure this is real and not a prank? o_O

regards
Pascal Ernster

On 31.08.2013 12:58, Stefan Kanthak wrote:
> Hi,
>
> in <http://seclists.org/fulldisclosure/2013/Aug/75> I documented
> beginner's errors (unquoted pathnames containing spaces) not only
> in Microsoft products.
>
> Microsoft's developer documentation, however, shows these beginner's
> errors too (and is inconsistent, even in single topics).
>
> Examples:
>
> <http://msdn.microsoft.com/library/cc144171.aspx>
>
> | HKEY_CLASSES_ROOT
> | txtile
> ...
> | Shell
> ...
> | cmd2
> ...
> | command
> | (Default) = C:\Program Files\Windows NT\Accessories\wordpad.exe %1
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~
>
> <http://msdn.microsoft.com/library/bb165967.aspx>
>
> | [HKEY_CLASSES_ROOT\Applications\VSLauncher.exe\Shell\Open\Command]
> | @="C:\\Program Files\\Common Files\\Microsoft Shared\\MSEnv\\VSLauncher.exe \"%1\""
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> | [HKEY_CLASSES_ROOT\VisualStudio.csproj.8.0\shell\Open\Command]
> | @="\"C:\\Program Files\\Common Files\\Microsoft Shared\\MSEnv\\VSLauncher.exe\" \"%1\""
>
>
> <http://msdn.microsoft.com/library/cc144083.aspx>
>
> | HKEY_LOCAL_MACHINE
> | SOFTWARE
> | Classes
> | contoso-search
> | shell
> | open
> | command
> | (Default) = "%ProgramFiles%\Contoso\Search\contososearch.exe %1"
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~
>
> <http://msdn.microsoft.com/library/cc144154.aspx>
>
> | HKEY_LOCAL_MACHINE
> | SOFTWARE
> | Classes
> | LitwarePlayer11.AssocFile....
> ...
> | shell
> | open
> | command
> | (Default) = %ProgramFiles%\Litware\litware.exe
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>
> <http://msdn.microsoft.com/library/hh127450.aspx>
>
> | HKEY_CLASSES_ROOT
> | CLSID
> | {0052D9FC-6764-4D29-A66F-2F3BD9E2BB40}
> | Shell
> | Open
> | Command
> | (Default) = [REG_EXPAND_SZ] %ProgramFiles%\MyCorp\MyApp.exe /Settings
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>
>
> <http://msdn.microsoft.com/library/cc144188.aspx>
>
> | <sh:task id="{3B75A7AE-C4E4-4E5A-9420-7CECCDA75425}">
> | <!-- This is a generated GUID, specific to this task link -->
> | <sh:name>@myTextResources.dll,-100</sh:name>
> | <sh:keywords>@myTextResources.dll,-101</sh:keywords>
> | <sh:command>%ProgramFiles%\Microsoft Games\Solitaire\solitaire.exe</sh:command>
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> | </sh:task>
>
>
> Example with ambiguous/inconsistent use of quotes:
>
> <http://msdn.microsoft.com/en-us/library/aa767914.aspx>
>
> | HKEY_CLASSES_ROOT
> | alert
> | (Default) = "URL:Alert Protocol"
> ^ ^
> | URL Protocol = ""
> ^^
> | DefaultIcon
> | (Default) = "alert.exe,1"
> ^ ^
> | shell
> | open
> | command
> | (Default) = "C:\Program Files\Alert\alert.exe" "%1"
>
>
> Counterexamples:
>
> <http://msdn.microsoft.com/library/cc144175.aspx>
> <http://msdn.microsoft.com/library/cc144101.aspx>
>
> | Note: If any element of the command string contains or might contain
> | spaces, it must be enclosed in quotation marks. Otherwise, if the
> | element contains a space, it will not parse correctly. For instance,
> | "My Program.exe" starts the application properly. If you use
> | My Program.exe without quotation marks, then the system attempts to
> | launch My with Program.exe as its first command line argument. You
> | should always use quotation marks with arguments such as "%1" that are
> | expanded to strings by the Shell, because you cannot be certain that
> | the string will not contain a space.
>
>
> <http://msdn.microsoft.com/library/dd203067.aspx>
> <http://msdn.microsoft.com/library/cc144109.aspx>
>
>
> regards
> Stefan Kanthak
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
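
An added example, not part of either message above: a small Python audit that applies the quoting rule from the cited MSDN note to the command strings quoted in the thread. The function name, the finding labels, and the choice to treat an unquoted `%VAR%` as a path that "might contain spaces" are assumptions of this sketch; quotation marks in the samples are taken literally.

```python
import re

# Command values as quoted in the message above (.reg escaping removed).
SAMPLES = [
    r'C:\Program Files\Windows NT\Accessories\wordpad.exe %1',
    r'C:\Program Files\Common Files\Microsoft Shared\MSEnv\VSLauncher.exe "%1"',
    r'"C:\Program Files\Common Files\Microsoft Shared\MSEnv\VSLauncher.exe" "%1"',
    r'"%ProgramFiles%\Contoso\Search\contososearch.exe %1"',
    r'%ProgramFiles%\Litware\litware.exe',
    r'%ProgramFiles%\MyCorp\MyApp.exe /Settings',
    r'"C:\Program Files\Alert\alert.exe" "%1"',
]

ENVVAR = re.compile(r'%[A-Za-z_][A-Za-z0-9_()]*%')
# Program path up to the first executable extension followed by a space or end.
PROGRAM = re.compile(r'^(.*?\.(?:exe|com|bat|cmd))(?=\s|$)', re.I)


def audit(command):
    """Return a sorted list of quoting findings for one shell command string."""
    cmd = command.strip()
    if not cmd:
        return []
    findings = set()
    # Split into alternating quoted ("...") and unquoted segments.
    segments = re.findall(r'"[^"]*"|[^"]+', cmd)
    if cmd.startswith('"'):
        # Quoted program: the quotes must not also swallow the placeholder.
        if '%1' in segments[0]:
            findings.add('quotes-span-arguments')
    else:
        match = PROGRAM.match(cmd)
        program = match.group(1) if match else cmd.split()[0]
        # A literal space, or a variable that may expand to one, needs quotes.
        if ' ' in program or ENVVAR.search(program):
            findings.add('unquoted-program-path')
    # "%1" is expanded by the Shell and may contain a space, so it needs quotes.
    if any('%1' in s for s in segments if not s.startswith('"')):
        findings.add('unquoted-placeholder')
    return sorted(findings)


if __name__ == '__main__':
    for sample in SAMPLES:
        print(audit(sample) or ['ok'], sample)
```

Only the two fully quoted commands (the second VSLauncher entry and the alert.exe entry) come back clean; every other sample is flagged.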