Intravision/reactos
1
0
Fork 0
mirror of https://github.com/reactos/reactos.git synced 2024-11-19 05:22:59 +00:00
Code Issues Projects Releases Packages Wiki Activity

[NTGDI] Fix potential BSOD 0x1E CORE-17626

Browse source 
in CreateDIBPalette() when passing invalid arguments to CreateDIBSection.
This could be triggered by using the broken test-application "GDIProg".

After this patch not only the BSOD is fixed but also the app does
properly start up, like it is the case on 2k3sp2.

Thanks to the patches author Doug Lyons.
This commit is contained in:
Joachim Henze 2021-06-19 17:41:49 +02:00
parent 560fdd150a
commit 514147776a
1 changed files with 23 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

28
win32ss/gdi/ntgdi/dibobj.c
View file

@ -45,6 +45,8 @@ CreateDIBPalette(
{
PPALETTE ppal;
ULONG i, cBitsPixel, cColors;
RGBQUAD rgb;
NTSTATUS Status;
if (pbmi->bmiHeader.biSize < sizeof(BITMAPINFOHEADER))
{
@ -133,12 +135,28 @@ CreateDIBPalette(
/* Loop all color indices in the DIB */
for (i = 0; i < cColors; i++)
{
/* Get the color value and translate it to a COLORREF */
RGBQUAD rgb = prgb[i];
COLORREF crColor = RGB(rgb.rgbRed, rgb.rgbGreen, rgb.rgbBlue);
/* User SEH to verify READ success */
Status = STATUS_SUCCESS;
_SEH2_TRY
{
rgb = prgb[i];
}
_SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
{
Status = _SEH2_GetExceptionCode();
/* On Read Failure, put zero in Palette */
PALETTE_vSetRGBColorForIndex(ppal, i, 0);
}
_SEH2_END
/* Set the RGB value in the palette */
PALETTE_vSetRGBColorForIndex(ppal, i, crColor);
if(NT_SUCCESS(Status))
{
/* Get the color value and translate it to a COLORREF */
COLORREF crColor = RGB(rgb.rgbRed, rgb.rgbGreen, rgb.rgbBlue);
/* Set the RGB value in the palette */
PALETTE_vSetRGBColorForIndex(ppal, i, crColor);
}
}
}
else