Intravision/reactos
1
0
Fork 0
mirror of https://github.com/reactos/reactos.git synced 2025-08-06 08:43:03 +00:00
Code Issues Projects Releases Packages Wiki Activity

- BITMAP_Cleanup: Fix leak of DIBSECTION structure; remove redundant ifs.

Browse source 
- NtGdi(Get|Set)BitmapDimension: SEHify; set ERROR_INVALID_HANDLE on a bad non-NULL bitmap.
- NtGdiGetDCforBitmap: Don't crash on bad bitmap.

svn path=/trunk/; revision=34288
This commit is contained in:
Jeffrey Morlan 2008-07-04 00:05:31 +00:00
parent 8bf777a515
commit 8912b7b4c8
1 changed files with 44 additions and 10 deletions
Download patch file Download diff file Expand all files Collapse all files

54
reactos/subsystems/win32/win32k/objects/bitmaps.c
View file

@ -133,13 +133,11 @@ BITMAP_Cleanup(PVOID ObjectBody)
{ {
if (pBmp->dib == NULL) if (pBmp->dib == NULL)
{ {
if (pBmp->SurfObj.pvBits != NULL) ExFreePool(pBmp->SurfObj.pvBits);
ExFreePool(pBmp->SurfObj.pvBits);
} }
else else
{ {
if (pBmp->SurfObj.pvBits != NULL) EngFreeUserMem(pBmp->SurfObj.pvBits);
EngFreeUserMem(pBmp->SurfObj.pvBits);
} }
if (pBmp->hDIBPalette != NULL) if (pBmp->hDIBPalette != NULL)
{ {
@ -153,6 +151,9 @@ BITMAP_Cleanup(PVOID ObjectBody)
pBmp->BitsLock = NULL; pBmp->BitsLock = NULL;
} }
if (pBmp->dib)
ExFreePoolWithTag(pBmp->dib, TAG_DIB);
return TRUE; return TRUE;
} }
@ -218,18 +219,32 @@ NtGdiGetBitmapDimension(
LPSIZE Dimension) LPSIZE Dimension)
{ {
PBITMAPOBJ bmp; PBITMAPOBJ bmp;
BOOL Ret = TRUE;
if (hBitmap == NULL)
return FALSE;
bmp = BITMAPOBJ_LockBitmap(hBitmap); bmp = BITMAPOBJ_LockBitmap(hBitmap);
if (bmp == NULL) if (bmp == NULL)
{ {
SetLastWin32Error(ERROR_INVALID_HANDLE);
return FALSE; return FALSE;
} }
*Dimension = bmp->dimension; _SEH_TRY
{
ProbeForWrite(Dimension, sizeof(SIZE), 1);
*Dimension = bmp->dimension;
}
_SEH_HANDLE
{
Ret = FALSE;
}
_SEH_END
BITMAPOBJ_UnlockBitmap(bmp); BITMAPOBJ_UnlockBitmap(bmp);
return TRUE; return Ret;
} }
COLORREF STDCALL COLORREF STDCALL
@ -504,23 +519,39 @@ NtGdiSetBitmapDimension(
LPSIZE Size) LPSIZE Size)
{ {
PBITMAPOBJ bmp; PBITMAPOBJ bmp;
BOOL Ret = TRUE;
if (hBitmap == NULL)
return FALSE;
bmp = BITMAPOBJ_LockBitmap(hBitmap); bmp = BITMAPOBJ_LockBitmap(hBitmap);
if (bmp == NULL) if (bmp == NULL)
{ {
SetLastWin32Error(ERROR_INVALID_HANDLE);
return FALSE; return FALSE;
} }
if (Size) if (Size)
{ {
*Size = bmp->dimension; _SEH_TRY
{
ProbeForWrite(Size, sizeof(SIZE), 1);
*Size = bmp->dimension;
}
_SEH_HANDLE
{
Ret = FALSE;
}
_SEH_END
} }
/* The dimension is changed even if writing the old value failed */
bmp->dimension.cx = Width; bmp->dimension.cx = Width;
bmp->dimension.cy = Height; bmp->dimension.cy = Height;
BITMAPOBJ_UnlockBitmap (bmp); BITMAPOBJ_UnlockBitmap (bmp);
return TRUE; return Ret;
} }
BOOL STDCALL BOOL STDCALL
@ -746,8 +777,11 @@ NtGdiGetDCforBitmap(
{ {
HDC hDC = NULL; HDC hDC = NULL;
PBITMAPOBJ bmp = BITMAPOBJ_LockBitmap( hsurf ); PBITMAPOBJ bmp = BITMAPOBJ_LockBitmap( hsurf );
hDC = bmp->hDC; if (bmp)
BITMAPOBJ_UnlockBitmap( bmp ); {
hDC = bmp->hDC;
BITMAPOBJ_UnlockBitmap( bmp );
}
return hDC; return hDC;
} }