From 1cac3fbe6318e271f6a5b4367480c3e5a1a2f188 Mon Sep 17 00:00:00 2001
From: Katayama Hirofumi MZ <katayama.hirofumi.mz@gmail.com>
Date: Sun, 27 Jan 2019 17:44:34 +0900
Subject: [PATCH] [WIN32SS][NTGDI] Fix NtGdiSetBitmapBits in buffer size
 (#1313)

Let NtGdiSetBitmapBits function fail if buffer size was greater than 564. CORE-15657
---
 win32ss/gdi/ntgdi/bitmaps.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/win32ss/gdi/ntgdi/bitmaps.c b/win32ss/gdi/ntgdi/bitmaps.c
index c98259967ef..b12603d754f 100644
--- a/win32ss/gdi/ntgdi/bitmaps.c
+++ b/win32ss/gdi/ntgdi/bitmaps.c
@@ -617,6 +617,12 @@ NtGdiSetBitmapBits(
         return 0;
     }
 
+    /* 565 is confirmed value in Win2k3 */
+    if (Bytes >= 565)
+    {
+        return 0;
+    }
+
     if (GDI_HANDLE_IS_STOCKOBJ(hBitmap))
     {
         return 0;