Add some more validation to {FFmpeg,RAIntegration}DownloaderForm

YoshiRulz · YoshiRulz · commit 1983966d18df · 2025-04-10T21:44:46.000+10:00
see #4275
diff --git a/src/BizHawk.Client.EmuHawk/AVOut/FFmpegDownloaderForm.cs b/src/BizHawk.Client.EmuHawk/AVOut/FFmpegDownloaderForm.cs
@@ -1,6 +1,7 @@
 using System.IO;
 
 using BizHawk.Common;
+using BizHawk.Common.IOExtensions;
 
 namespace BizHawk.Client.EmuHawk
 {
@@ -30,5 +31,8 @@ protected override Stream GetExtractionStream(HawkFile downloaded)
 
 		protected override bool PostChmodCheck()
 			=> FFmpegService.QueryServiceAvailable();
+
+		protected override bool PreChmodCheck(FileStream extracted)
+			=> SHA256Checksum.ComputeDigestHex(extracted.ReadAllBytes()) == FFmpegService.DownloadSHA256Checksum;
 	}
 }
diff --git a/src/BizHawk.Client.EmuHawk/DownloaderForm.cs b/src/BizHawk.Client.EmuHawk/DownloaderForm.cs
@@ -104,6 +104,8 @@ private void Download()
 					//last chance. exiting, don't dump the new file
 					if (_exiting) return;
 					exStream.CopyTo(fs);
+					fs.Position = 0L;
+					if (!PreChmodCheck(fs)) throw new Exception("download failed (pre-chmod validation)");
 					fs.Dispose();
 					if (OSTailoredCode.IsUnixHost)
 					{
@@ -113,7 +115,7 @@ private void Download()
 				}
 
 				//make sure it worked
-				if (!PostChmodCheck()) throw new Exception("download failed");
+				if (!PostChmodCheck()) throw new Exception("download failed (post-chmod validation)");
 
 				_succeeded = true;
 			}
@@ -141,6 +143,9 @@ protected virtual Stream GetExtractionStream(HawkFile downloaded)
 		protected virtual bool PostChmodCheck()
 			=> true;
 
+		protected virtual bool PreChmodCheck(FileStream extracted)
+			=> true;
+
 		private void btnDownload_Click(object sender, EventArgs e)
 		{
 			btnDownload.Text = "Downloading...";
diff --git a/src/BizHawk.Client.EmuHawk/RetroAchievements/RAIntegrationDownloaderForm.cs b/src/BizHawk.Client.EmuHawk/RetroAchievements/RAIntegrationDownloaderForm.cs
@@ -2,6 +2,7 @@
 
 using BizHawk.Common;
 using BizHawk.Common.PathExtensions;
+using BizHawk.Common.StringExtensions;
 
 namespace BizHawk.Client.EmuHawk
 {
@@ -15,6 +16,11 @@ protected override string ComponentName
 
 		public RAIntegrationDownloaderForm(string downloadFrom)
 		{
+			var downloadDomainName = downloadFrom.RemovePrefix("https://").SubstringBefore('/');
+			if (!(downloadDomainName is "retroachievements.org" || downloadDomainName.EndsWith(".retroachievements.org")))
+			{
+				throw new ArgumentException(paramName: nameof(downloadFrom), message: "untrusted hostname");
+			}
 			Description = string.Empty;
 			DownloadFrom = downloadFrom;
 			DownloadTo = Path.Combine(PathUtils.DataDirectoryPath, "dll", "RA_Integration-x64.dll");
diff --git a/src/BizHawk.Common/FFmpegService.cs b/src/BizHawk.Common/FFmpegService.cs
@@ -17,8 +17,15 @@ public static class FFmpegService
 
 		private const string BIN_HOST_URI_WIN_X64 = "https://github.com/TASEmulators/ffmpeg-binaries/raw/master/ffmpeg-4.4.1-static-windows-x64.7z";
 
+		private const string BIN_SHA256_LINUX_X64 = "3EA58083710F63BF920B16C7D5D24AE081E7D731F57A656FED11AF0410D4EB48";
+
+		private const string BIN_SHA256_WIN_X64 = "8436760AF8F81C95EFF92D854A7684E6D3CEDB872888420359FC45C8EB2664AC";
+
 		private const string VERSION = "ffmpeg version 4.4.1";
 
+		public static string DownloadSHA256Checksum
+			=> OSTailoredCode.IsUnixHost ? BIN_SHA256_LINUX_X64 : BIN_SHA256_WIN_X64;
+
 		public static string FFmpegPath => Path.Combine(PathUtils.DataDirectoryPath, "dll", OSTailoredCode.IsUnixHost ? "ffmpeg" : "ffmpeg.exe");
 
 		public static readonly string Url = OSTailoredCode.IsUnixHost ? BIN_HOST_URI_LINUX_X64 : BIN_HOST_URI_WIN_X64;

Original file line number	Diff line number	Diff line change
`@@ -1,6 +1,7 @@`
`1`	`1`	`using System.IO;`
`2`	`2`
`3`	`3`	`using BizHawk.Common;`
	`4`	`+using BizHawk.Common.IOExtensions;`
`4`	`5`
`5`	`6`	`namespace BizHawk.Client.EmuHawk`
`6`	`7`	`{`
`@@ -30,5 +31,8 @@ protected override Stream GetExtractionStream(HawkFile downloaded)`
`30`	`31`
`31`	`32`	`protected override bool PostChmodCheck()`
`32`	`33`	`=> FFmpegService.QueryServiceAvailable();`
	`34`	`+`
	`35`	`+ protected override bool PreChmodCheck(FileStream extracted)`
	`36`	`+ => SHA256Checksum.ComputeDigestHex(extracted.ReadAllBytes()) == FFmpegService.DownloadSHA256Checksum;`
`33`	`37`	`}`
`34`	`38`	`}`
Original file line number	Diff line number	Diff line change
`@@ -104,6 +104,8 @@ private void Download()`
`104`	`104`	`//last chance. exiting, don't dump the new file`
`105`	`105`	`if (_exiting) return;`
`106`	`106`	`exStream.CopyTo(fs);`
	`107`	`+ fs.Position = 0L;`
	`108`	`+ if (!PreChmodCheck(fs)) throw new Exception("download failed (pre-chmod validation)");`
`107`	`109`	`fs.Dispose();`
`108`	`110`	`if (OSTailoredCode.IsUnixHost)`
`109`	`111`	`{`
`@@ -113,7 +115,7 @@ private void Download()`
`113`	`115`	`}`
`114`	`116`
`115`	`117`	`//make sure it worked`
`116`		`- if (!PostChmodCheck()) throw new Exception("download failed");`
	`118`	`+ if (!PostChmodCheck()) throw new Exception("download failed (post-chmod validation)");`
`117`	`119`
`118`	`120`	`_succeeded = true;`
`119`	`121`	`}`
`@@ -141,6 +143,9 @@ protected virtual Stream GetExtractionStream(HawkFile downloaded)`
`141`	`143`	`protected virtual bool PostChmodCheck()`
`142`	`144`	`=> true;`
`143`	`145`
	`146`	`+ protected virtual bool PreChmodCheck(FileStream extracted)`
	`147`	`+ => true;`
	`148`	`+`
`144`	`149`	`private void btnDownload_Click(object sender, EventArgs e)`
`145`	`150`	`{`
`146`	`151`	`btnDownload.Text = "Downloading...";`