Intravision/reactos
1
0
Fork 0
mirror of https://github.com/reactos/reactos.git synced 2024-12-29 10:35:28 +00:00
Code Issues Projects Releases Packages Wiki Activity

BRUSH_GetObject:

Browse source 
- return sizeof(LOBRUSH) not BRUSHOBJ
- don't return 0 on too small usermode buffer
NtGdiExtGetObjectW:
- remove unnecessary hacks
- no need to align usermode buffer to words
- add ENUMLOGFONTEXDVW, wich should be the biggest structure needed
more fixes for fonts and extpens needed in the corresponding subfunctions, but all of my other tests pass now.

svn path=/trunk/; revision=26565
This commit is contained in:
Timo Kreuzer 2007-04-28 21:53:06 +00:00
parent 8d57329f09
commit 9d118cb21a
2 changed files with 17 additions and 66 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
reactos/subsystems/win32/win32k/objects/brush.c
View file

@ -52,9 +52,8 @@ BRUSH_Cleanup(PVOID ObjectBody)
INT FASTCALL INT FASTCALL
BRUSH_GetObject (PGDIBRUSHOBJ BrushObject, INT Count, LPLOGBRUSH Buffer) BRUSH_GetObject (PGDIBRUSHOBJ BrushObject, INT Count, LPLOGBRUSH Buffer)
{ {
if( Buffer == NULL ) return sizeof(BRUSHOBJ); if( Buffer == NULL ) return sizeof(LOGBRUSH);
if (Count == 0) return 0; if (Count == 0) return 0;
if ((UINT)Count < sizeof(BRUSHOBJ)) return 0;
/* Set colour */ /* Set colour */
Buffer->lbColor = BrushObject->BrushAttr.lbColor; Buffer->lbColor = BrushObject->BrushAttr.lbColor;
@ -106,7 +105,7 @@ BRUSH_GetObject (PGDIBRUSHOBJ BrushObject, INT Count, LPLOGBRUSH Buffer)
*/ */
/* FIXME */ /* FIXME */
return sizeof(BRUSHOBJ); return sizeof(LOGBRUSH);
} }

78
reactos/subsystems/win32/win32k/objects/dc.c
View file

@ -1817,92 +1817,44 @@ NtGdiExtGetObjectW(IN HANDLE hGdiObj,
OUT LPVOID lpBuffer) OUT LPVOID lpBuffer)
{ {
INT iRetCount = 0; INT iRetCount = 0;
INT iObjectType; INT cbCopyCount;
INT cbRealCount = cbCount;
union union
{ {
BITMAP bmpObject; BITMAP bitmap;
DIBSECTION disObject; DIBSECTION dibsection;
LOGPEN lgpObject; LOGPEN logpen;
LOGBRUSH lgbObject; LOGBRUSH logbrush;
LOGFONTW lgfObject; LOGFONTW logfontw;
EXTLOGFONTW elgfObject; EXTLOGFONTW extlogfontw;
ENUMLOGFONTEXDVW enumlogfontexdvw;
} Object; } Object;
// // Normalize to the largest supported object size
// Get the object type cbCount = min((UINT)cbCount, sizeof(Object));
//
iObjectType = GDIOBJ_GetObjectType(hGdiObj);
//
// Check if the given size is too large
//
if (cbCount > sizeof(Object))
{
//
// Normalize to the largest supported object size
//
DPRINT1("cbCount too big!\n");
cbCount = sizeof(Object);
}
//
// Check if this is a brush
//
if (iObjectType == GDI_OBJECT_TYPE_BRUSH)
{
//
// Windows GDI Hack: Manually correct the size
//
cbCount = sizeof(LOGBRUSH);
}
//
// Now do the actual call // Now do the actual call
//
iRetCount = IntGdiGetObject(hGdiObj, cbCount, lpBuffer ? &Object : NULL); iRetCount = IntGdiGetObject(hGdiObj, cbCount, lpBuffer ? &Object : NULL);
cbCopyCount = min((UINT)cbCount, (UINT)iRetCount);
// // Make sure we have a buffer and a copy size
// Check if this is a brush if ((cbCopyCount) && (lpBuffer))
//
if (iObjectType == GDI_OBJECT_TYPE_BRUSH)
{ {
//
// Fixup the size to account for our previous fixup
//
cbCount = min(cbCount, cbRealCount);
}
//
// Make sure we have a buffer and a return size
//
if ((iRetCount) && (lpBuffer))
{
//
// Enter SEH for buffer transfer // Enter SEH for buffer transfer
//
_SEH_TRY _SEH_TRY
{ {
//
// Probe the buffer and copy it // Probe the buffer and copy it
// ProbeForWrite(lpBuffer, cbCopyCount, 1);
ProbeForWrite(lpBuffer, min(cbCount, cbRealCount), sizeof(WORD)); RtlCopyMemory(lpBuffer, &Object, cbCopyCount);
RtlCopyMemory(lpBuffer, &Object, min(cbCount, cbRealCount));
} }
_SEH_HANDLE _SEH_HANDLE
{ {
//
// Clear the return value. // Clear the return value.
// Do *NOT* set last error here! // Do *NOT* set last error here!
//
iRetCount = 0; iRetCount = 0;
} }
_SEH_END; _SEH_END;
} }
//
// Return the count // Return the count
//
return iRetCount; return iRetCount;
} }