Results 1 to 2 of 2

Thread: RegistryKey.GetValue C# Bug Discovered - Could Affect All My MOH Applications

  1. #1

    Default RegistryKey.GetValue C# Bug Discovered - Could Affect All My MOH Applications

    I noticed on my laptop running Windows XP SP3 that MOH: Downloader and MOH: Query Launcher could not properly detect my MOHAA path from the registry.

    More specifically:

    string keyName = "HKEY_CURRENT_USER\\Software\\2015\\MOHAA";
    MOHAAPath = Registry.GetValue(keyName, "basepath", "").ToString();

    Resulted in a value of:

    "C:\\Games\\MOHAA_TEST\0 \0\0\0\0\0\0\0\0\0\0\a\0\a\0w\b\0(\0\0\08DD \0\0C:\\Games\\MOHAA_TEST\0 \0\0\0\0\0\0\0\0\0\0\0\a\0n\b\0\0\0\0pDD \0\0fs_game\0 \0\0\0\0\0"
    Notice the garbage trailing characters from reading the registry using GetValue? What's weird is it only happened on my laptop. This bug could affect all of my programs...

    Getting a value like that is not normal and was labeled a bug according to this guy:

    I have just encountered the same problem on Windows XP Professional SP3 (client).

    And based on what I have read:

    "If the data has the REG_SZ, REG_MULTI_SZ or REG_EXPAND_SZ type, the string may not have been stored with the proper terminating null characters. Therefore, even if the function returns ERROR_SUCCESS, the application should ensure that the string is properly terminated before using it; otherwise, it may overwrite a buffer. (Note that REG_MULTI_SZ strings should have two terminating null characters.) One way an application can ensure that the string is properly terminated is to use RegGetValue, which adds terminating null characters if needed."

    "RegQueryValueEx will append a missing \0 for type REG_xxx_SZ if there is room, but it will leave it non-terminated if there is no room."

    And after a disassembly of mscorlib.dll using Lutz Roeder's Reflector...

    I conclude there is indeed a bug in Microsoft.Win32.RegistryKey.GetValue(String) (or RegQueryValueEx depending on how you see it) when the registry value is a REG_SZ stored without a null terminator.

    The code for RegistryKey.GetValue() allocates a StringBuilder of exactly the size reported from prior call to RegQueryValueEx, and re-executes RegQueryValueEx. And since the stored string was not null terminated, and the StringBuilder has "no room"... <something happened> that led to random characters being appended (probably reading into a memory location that shouldn't be read).

    This is very unfortunate as I will need to write a workaround using PInvoke to get to the values I need as I cannot depend on Microsoft patching the machine my application will be deployed on nor will I be able to deploy my application with the fix.
    So, I wasn't sure what to do, but I came up with a fix. After you get the value from Registry.GetValue, send it to this function:

    public static string stripInvalidCharsFromRegistryStr(string str)
    if (str.Contains(Convert.ToChar(0x0).ToString()))
    str = str.Substring(0, str.IndexOf(Convert.ToChar(0x0).ToString()));

    return str;

    I tested it with a path of C:\Games\0 and it did not remove the 0 for the folder name since that is valid, so it should work every time and strip out those invalid chars.

    Figured I'd share this in case someone on the interwebs needs it. Is there a better solution? My solution is assuming the garbage characters start with a \0 unicode null. I will test some more on other XP virtual machines to see if the solution holds up.
    Browse MOHAA Servers Post GameSpy Era


    Medal of Honor: Game Server Browser Fixer - Patches your MOHAA, MOHSH, and MOHBT game binaries to allow you to retrieve a list of game servers within the multi-player menu in-game even after GameSpy ceases operation!

    Medal of Honor: Query Launcher - Find, browse, organize, join, get your ping, and get more information regarding all Medal of Honor (AA, SH, & BT) servers from your PC at any time!
    Medal of Honor: Web Server Master List - Find and browse all Medal of Honor servers online using your browser!
    Add your Medal of Honor Server to the Master List
    YouTube Video for Medal of Honor: Query Launcher and MOHAASERVERS.TK!

    MOHAA Mods and Utilities
    OwN-3m-All's Mods
    Make Me Stock - A program that allows you to easily move-in and move-out non-stock mods and other files at the click of a button. Automates adding / removing mods without having to copy / move files manually.

    Quality Game Servers

    Rent dedicated Dallas Texas, Kansas City, Las Vegas Nevada, Chicago, Pennsylvania, and Sofia Bulgaria MOHAA and other game servers from We Be HostiN starting at $10 a month.

  2. #2
    Administrator James's Avatar
    Join Date
    May 2010
    on the intraweb


    Nice find and work around own3mall. Thanks for sharing!

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts