From 5439ca8a8325bec0bb2ac015d6ada9005d6d30ad Mon Sep 17 00:00:00 2001
From: Pete Batard <pete@akeo.ie>
Date: Thu, 10 Oct 2024 13:04:58 +0100
Subject: [PATCH] [md5sum] fix md5sum computation for the setup wrapper

* Also fix a couple small memory leaks and potential NULL deref.
* Also report saved path when saving to image.
---
 src/hash.c   | 18 ++++++++----------
 src/iso.c    |  2 +-
 src/rufus.c  |  2 ++
 src/rufus.h  |  1 +
 src/rufus.rc | 10 +++++-----
 src/vhd.c    | 10 +++++++---
 src/wue.c    | 22 ++++++++++++++++++----
 7 files changed, 42 insertions(+), 23 deletions(-)

diff --git a/src/hash.c b/src/hash.c
index 1b0b2ce9f19..ee21cc51e1f 100644
--- a/src/hash.c
+++ b/src/hash.c
@@ -2158,9 +2158,11 @@ static BOOL IsRevokedBySvn(uint8_t* buf, uint32_t len)
 		if (rsrc_rva != 0) {
 			if (rsrc_len == sizeof(uint32_t)) {
 				svn_ver = (uint32_t*)RvaToPhysical(buf, rsrc_rva);
-				uuprintf("  SVN version: %d.%d", *svn_ver >> 16, *svn_ver & 0xffff);
-				if (svn_ver != NULL && *svn_ver < sbat_entries[i].version)
-					return TRUE;
+				if (svn_ver != NULL) {
+					uuprintf("  SVN version: %d.%d", *svn_ver >> 16, *svn_ver & 0xffff);
+					if (*svn_ver < sbat_entries[i].version)
+						return TRUE;
+				}
 			} else {
 				uprintf("WARNING: Unexpected Secure Version Number size");
 			}
@@ -2264,12 +2266,12 @@ void UpdateMD5Sum(const char* dest_dir, const char* md5sum_name)
 	char *md5_data = NULL, *new_data = NULL, *str_pos, *d, *s, *p;
 
 	if (!img_report.has_md5sum && !validate_md5sum)
-		goto out;
+		return;
 
 	static_sprintf(md5_path, "%s\\%s", dest_dir, md5sum_name);
 	md5_size = read_file(md5_path, (uint8_t**)&md5_data);
 	if (md5_size == 0)
-		goto out;
+		return;
 
 	for (i = 0; i < modified_files.Index; i++) {
 		for (j = 0; j < (uint32_t)strlen(modified_files.String[i]); j++)
@@ -2301,7 +2303,7 @@ void UpdateMD5Sum(const char* dest_dir, const char* md5sum_name)
 		new_data = malloc(md5_size + 1024);
 		assert(new_data != NULL);
 		if (new_data == NULL)
-			goto out;
+			return;
 		// Will be nonzero if we created the file, otherwise zero
 		if (md5sum_totalbytes != 0) {
 			snprintf(new_data, md5_size + 1024, "# md5sum_totalbytes = 0x%llx\n", md5sum_totalbytes);
@@ -2372,10 +2374,6 @@ void UpdateMD5Sum(const char* dest_dir, const char* md5sum_name)
 
 	write_file(md5_path, md5_data, md5_size);
 	free(md5_data);
-
-out:
-	// We no longer need the string array at this stage
-	StrArrayDestroy(&modified_files);
 }
 
 #if defined(_DEBUG) || defined(TEST) || defined(ALPHA)
diff --git a/src/iso.c b/src/iso.c
index eed8c5a3d18..ab043607737 100644
--- a/src/iso.c
+++ b/src/iso.c
@@ -1134,7 +1134,7 @@ BOOL ExtractISO(const char* src_iso, const char* dest_dir, BOOL scan)
 		last_nb_blocks = 0;
 		iso_blocking_status = 0;
 		symlinked_syslinux[0] = 0;
-		StrArrayCreate(&modified_files, 8);
+		StrArrayClear(&modified_files);
 		if (validate_md5sum) {
 			md5sum_totalbytes = 0;
 			// If there isn't an already existing md5sum.txt create one
diff --git a/src/rufus.c b/src/rufus.c
index 2f317ae5160..0ed225bddfa 100755
--- a/src/rufus.c
+++ b/src/rufus.c
@@ -2103,6 +2103,7 @@ static void InitDialog(HWND hDlg)
 	// Create the string arrays
 	StrArrayCreate(&BlockingProcessList, 16);
 	StrArrayCreate(&ImageList, 16);
+	StrArrayCreate(&modified_files, 8);
 	// Set various checkboxes
 	CheckDlgButton(hDlg, IDC_QUICK_FORMAT, BST_CHECKED);
 	CheckDlgButton(hDlg, IDC_EXTENDED_LABEL, BST_CHECKED);
@@ -2277,6 +2278,7 @@ static INT_PTR CALLBACK MainCallback(HWND hDlg, UINT message, WPARAM wParam, LPA
 			StopProcessSearch();
 			StrArrayDestroy(&BlockingProcessList);
 			StrArrayDestroy(&ImageList);
+			StrArrayDestroy(&modified_files);
 			DestroyAllTooltips();
 			DestroyWindow(hLogDialog);
 			GetWindowRect(hDlg, &relaunch_rc);
diff --git a/src/rufus.h b/src/rufus.h
index 1d5a7adba34..0f3d44bc911 100644
--- a/src/rufus.h
+++ b/src/rufus.h
@@ -710,6 +710,7 @@ extern unsigned long syslinux_ldlinux_len[2];
 extern char ubuffer[UBUFFER_SIZE], embedded_sl_version_str[2][12];
 extern char szFolderPath[MAX_PATH], app_dir[MAX_PATH], temp_dir[MAX_PATH], system_dir[MAX_PATH];
 extern char sysnative_dir[MAX_PATH], app_data_dir[MAX_PATH], *image_path, *fido_url;
+extern StrArray modified_files;
 
 /*
  * Shared prototypes
diff --git a/src/rufus.rc b/src/rufus.rc
index a810002702c..cffac279efd 100644
--- a/src/rufus.rc
+++ b/src/rufus.rc
@@ -33,7 +33,7 @@ LANGUAGE LANG_NEUTRAL, SUBLANG_NEUTRAL
 IDD_DIALOG DIALOGEX 12, 12, 232, 326
 STYLE DS_SETFONT | DS_MODALFRAME | DS_CENTER | WS_MINIMIZEBOX | WS_POPUP | WS_CAPTION | WS_SYSMENU
 EXSTYLE WS_EX_ACCEPTFILES
-CAPTION "Rufus 4.6.2203"
+CAPTION "Rufus 4.6.2204"
 FONT 9, "Segoe UI Symbol", 400, 0, 0x0
 BEGIN
     LTEXT           "Drive Properties",IDS_DRIVE_PROPERTIES_TXT,8,6,53,12,NOT WS_GROUP
@@ -399,8 +399,8 @@ END
 //
 
 VS_VERSION_INFO VERSIONINFO
- FILEVERSION 4,6,2203,0
- PRODUCTVERSION 4,6,2203,0
+ FILEVERSION 4,6,2204,0
+ PRODUCTVERSION 4,6,2204,0
  FILEFLAGSMASK 0x3fL
 #ifdef _DEBUG
  FILEFLAGS 0x1L
@@ -418,13 +418,13 @@ BEGIN
             VALUE "Comments", "https://rufus.ie"
             VALUE "CompanyName", "Akeo Consulting"
             VALUE "FileDescription", "Rufus"
-            VALUE "FileVersion", "4.6.2203"
+            VALUE "FileVersion", "4.6.2204"
             VALUE "InternalName", "Rufus"
             VALUE "LegalCopyright", "© 2011-2024 Pete Batard (GPL v3)"
             VALUE "LegalTrademarks", "https://www.gnu.org/licenses/gpl-3.0.html"
             VALUE "OriginalFilename", "rufus-4.6.exe"
             VALUE "ProductName", "Rufus"
-            VALUE "ProductVersion", "4.6.2203"
+            VALUE "ProductVersion", "4.6.2204"
         END
     END
     BLOCK "VarFileInfo"
diff --git a/src/vhd.c b/src/vhd.c
index 4446d89ad49..a184b2f63e1 100644
--- a/src/vhd.c
+++ b/src/vhd.c
@@ -729,7 +729,7 @@ BOOL WimExtractFile(const char* image, int index, const char* src, const char* d
 /// <returns>TRUE if the index was found in the image, FALSE otherwise.</returns>
 BOOL WimIsValidIndex(const char* image, int index)
 {
-	int i = 1;
+	int i = 1, cur_index;
 	BOOL r = FALSE;
 	DWORD dw = 0;
 	HANDLE hWim = NULL;
@@ -768,7 +768,9 @@ BOOL WimIsValidIndex(const char* image, int index)
 		goto out;
 
 	while ((str = get_token_data_file_indexed("IMAGE INDEX", xml_file, i)) != NULL) {
-		if (atoi(str) == index) {
+		cur_index = atoi(str);
+		safe_free(str);
+		if (cur_index == index) {
 			r = TRUE;
 			break;
 		}
@@ -1061,7 +1063,7 @@ static DWORD WINAPI VhdSaveImageThread(void* param)
 
 	r = 0;
 	UpdateProgressWithInfo(OP_FORMAT, MSG_261, SelectedDrive.DiskSize, SelectedDrive.DiskSize);
-	uprintf("Operation complete.");
+	uprintf("Saved '%s'", img_save->ImagePath);
 
 out:
 	safe_closehandle(overlapped.hEvent);
@@ -1100,6 +1102,8 @@ static DWORD WINAPI FfuSaveImageThread(void* param)
 	safe_free(img_save->DevicePath);
 	safe_free(img_save->ImagePath);
 	PostMessage(hMainDialog, UM_FORMAT_COMPLETED, (WPARAM)TRUE, 0);
+	if (!IS_ERROR(ErrorStatus))
+		uprintf("Saved '%s'", img_save->ImagePath);
 	ExitThread(r);
 }
 
diff --git a/src/wue.c b/src/wue.c
index d7b14cf4e4e..8281a6f4693 100644
--- a/src/wue.c
+++ b/src/wue.c
@@ -806,12 +806,14 @@ BOOL ApplyWindowsCustomization(char drive_letter, int flags)
 	char appraiserres_dll_dst[] = "?:\\sources\\appraiserres.bak";
 	char setup_exe[] = "?:\\setup.exe";
 	char setup_dll[] = "?:\\setup.dll";
+	char md5sum_path[] = "?:\\md5sum.txt";
 	char *mount_path = NULL, path[MAX_PATH];
 	uint8_t* buf = NULL;
 	uint16_t setup_arch;
 	HKEY hKey = NULL, hSubKey = NULL;
 	LSTATUS status;
 	DWORD dwDisp, dwVal = 1, dwSize;
+	FILE* fd_md5sum;
 
 	assert(unattend_xml_path != NULL);
 	uprintf("Applying Windows customization:");
@@ -854,6 +856,7 @@ BOOL ApplyWindowsCustomization(char drive_letter, int flags)
 			if (img_report.win_version.build >= 26000) {
 				setup_exe[0] = drive_letter;
 				setup_dll[0] = drive_letter;
+				md5sum_path[0] = drive_letter;
 				dwSize = read_file(setup_exe, &buf);
 				if (dwSize != 0) {
 					setup_arch = GetPeArch(buf);
@@ -864,13 +867,24 @@ BOOL ApplyWindowsCustomization(char drive_letter, int flags)
 						uprintf("Could not rename '%s': %s", setup_exe, WindowsErrorString());
 					} else {
 						uprintf("Renamed '%s' → '%s'", setup_exe, setup_dll);
-						uprintf("Created '%s' bypass wrapper (from embedded)", setup_exe);
 						buf = GetResource(hMainInstance, MAKEINTRESOURCEA(setup_arch == IMAGE_FILE_MACHINE_AMD64 ? IDR_SETUP_X64 : IDR_SETUP_ARM64),
 							_RT_RCDATA, "setup.exe", &dwSize, FALSE);
-						if (buf == NULL)
+						if (buf == NULL) {
 							uprintf("Could not access embedded 'setup.exe'");
-						else
-							write_file(setup_exe, buf, dwSize);
+						} else if (write_file(setup_exe, buf, dwSize) == dwSize) {
+							uprintf("Created '%s' bypass wrapper (from embedded)", setup_exe);
+							if (validate_md5sum) {
+								if ((fd_md5sum = fopenU(md5sum_path, "ab")) != NULL) {
+									fprintf(fd_md5sum, "00000000000000000000000000000000  ./setup.dll\n");
+									fclose(fd_md5sum);
+								}
+								StrArrayAdd(&modified_files, setup_exe, TRUE);
+								StrArrayAdd(&modified_files, setup_dll, TRUE);
+								md5sum_totalbytes += dwSize;
+							}
+						} else {
+							uprintf("Could not create '%s' bypass wrapper", setup_exe);
+						}
 					}
 				}
 			}