- Fix a bug in EngLoadModuleEx
- Fix a bug in co_IntLoadSysMenuTemplate
- Fix / improve a number of annotations
- Improve code in NtGdiExtGetObjectW
- Check return value of ZwAllocateVirtualMemory and handle error in GdiPoolAllocate
- Fix possible memory leaks in NtGdiPolyDraw
- Check for NtGdiExtCreatePen == NULL instead of passing it to ProbeForRead in NtGdiExtCreatePen
- Simplify code in NtGdiGetTextMetricsW
- Fix a number of format specifiers

svn path=/trunk/; revision=58434
Timo Kreuzer 2013-03-05 08:47:51 +00:00
parent 74f7fce21f
commit b17a7cae7a
15 changed files with 86 additions and 49 deletions


@ -1169,6 +1169,7 @@ APIENTRY
NtGdiGetColorSpaceforBitmap(
_In_ HBITMAP hsurf);
_Success_(return != FALSE)
W32KAPI
BOOL
APIENTRY
@ -2253,6 +2254,7 @@ NtGdiGetTextExtent(
_Out_ LPSIZE psize,
_In_ UINT flOpts);
_Success_(return != FALSE)
W32KAPI
BOOL
APIENTRY
@ -2372,6 +2374,7 @@ NtGdiMoveTo(
_In_ INT y,
_Out_opt_ LPPOINT pptOut);
_Success_(return != 0)
W32KAPI
INT
APIENTRY


@ -305,10 +305,10 @@ EngBitBlt(
_In_opt_ CLIPOBJ *pco,
_In_opt_ XLATEOBJ *pxlo,
_In_ RECTL *prclTrg,
_When_(psoSrc, _In_) POINTL *pptlSrc,
_When_(psoMask, _In_) POINTL *pptlMask,
_In_opt_ POINTL *pptlSrc,
_In_opt_ POINTL *pptlMask,
_In_opt_ BRUSHOBJ *pbo,
_When_(pbo, _In_) POINTL *pptlBrush,
_In_opt_ POINTL *pptlBrush,
_In_ ROP4 rop4)
{
BYTE clippingType;


@ -15,10 +15,12 @@
/* PUBLIC FUNCTIONS ***********************************************************/
_Must_inspect_result_
_Success_(return != FALSE)
BOOL
APIENTRY
EngCreateEvent(
_Deref_out_opt_ PEVENT* Event)
_Outptr_ PEVENT *ppEvent)
{
BOOLEAN Result = TRUE;
PENG_EVENT EngEvent;
@ -39,7 +41,7 @@ EngCreateEvent(
FALSE);
/* Pass pointer to our structure to the caller */
*Event = EngEvent;
*ppEvent = EngEvent;
DPRINT("EngCreateEvent() created %p\n", EngEvent);
}
else


@ -18,7 +18,7 @@
BOOL
APIENTRY
EngRestoreFloatingPointState(
_In_ VOID *Buffer)
PVOID Buffer)
{
NTSTATUS Status;
@ -34,7 +34,7 @@ EngRestoreFloatingPointState(
ULONG
APIENTRY
EngSaveFloatingPointState(
VOID *Buffer,
PVOID Buffer,
ULONG BufferSize)
{
KFLOATING_SAVE TempBuffer;


@ -393,7 +393,7 @@ EngLoadModuleEx(
Status = MmCreateSection(&pFileView->pSection,
SECTION_ALL_ACCESS,
NULL,
cjSizeOfModule ? &liSize : NULL,
&liSize,
fl & FVF_READONLY ? PAGE_EXECUTE_READ : PAGE_EXECUTE_READWRITE,
SEC_COMMIT,
hFile,
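Review bot: With `&liSize` now passed unconditionally to MmCreateSection, `liSize` has to hold a defined value on the path where `cjSizeOfModule` is 0, which the old `cjSizeOfModule ? &liSize : NULL` form did not require. The assignment to `liSize` is outside this hunk, so confirm it is set on every path (presumably to 0 so the section takes the file's size). A comment next to the call would record that, e.g. `/* liSize is 0 when no size was requested, so the whole file is mapped */`. The call continues past the end of the hunk.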


@ -279,7 +279,7 @@ EngCreateBitmap(
_In_ LONG lWidth,
_In_ ULONG iFormat,
_In_ ULONG fl,
_In_ PVOID pvBits)
_In_opt_ PVOID pvBits)
{
PSURFACE psurf;
HBITMAP hbmp;
@ -479,7 +479,7 @@ EngModifySurface(
BOOL
APIENTRY
EngDeleteSurface(
_In_ HSURF hsurf)
_In_ _Post_ptr_invalid_ HSURF hsurf)
{
PSURFACE psurf;
@ -537,7 +537,7 @@ NtGdiEngUnlockSurface(IN SURFOBJ *pso)
VOID
APIENTRY
EngUnlockSurface(
_In_ SURFOBJ *pso)
_In_ _Post_ptr_invalid_ SURFOBJ *pso)
{
if (pso != NULL)
{
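Review bot: `EngUnlockSurface` declares `pso` as `_In_`, but the first statement of its body is `if (pso != NULL)`, so the annotation and the code disagree about whether NULL is accepted. If NULL is tolerated, the parameter should read `_In_opt_ _Post_ptr_invalid_ SURFOBJ *pso`. If it is not, the check should become an assertion so that static analysis and the implementation state the same contract. The body continues outside the hunk.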


@ -11,7 +11,7 @@
#define NDEBUG
#include <debug.h>
_Always_(_Post_satisfies_(return==iColor))
_Post_satisfies_(return==iColor)
_Function_class_(FN_XLATE)
ULONG
FASTCALL
@ -38,7 +38,7 @@ static const BYTE gajXlate6to8[64] =
/** iXlate functions **********************************************************/
_Always_(_Post_satisfies_(return==iColor))
_Post_satisfies_(return==iColor)
_Function_class_(FN_XLATE)
ULONG
FASTCALL


@ -58,8 +58,8 @@ VOID
NTAPI
EXLATEOBJ_vInitialize(
_Out_ PEXLATEOBJ pexlo,
_In_ PPALETTE ppalSrc,
_In_ PPALETTE ppalDst,
_In_opt_ PPALETTE ppalSrc,
_In_opt_ PPALETTE ppalDst,
_In_ COLORREF crSrcBackColor,
_In_ COLORREF crDstBackColor,
_In_ COLORREF crDstForeColor);


@ -1066,11 +1066,10 @@ INT
APIENTRY
NtGdiExtGetObjectW(
IN HANDLE hobj,
IN INT cbCount,
IN INT cjBufferSize,
OUT LPVOID lpBuffer)
{
INT iRetCount = 0;
INT cbCopyCount;
UINT iResult, cjMaxSize;
union
{
BITMAP bitmap;
@ -1083,33 +1082,33 @@ NtGdiExtGetObjectW(
} object;
/* Normalize to the largest supported object size */
cbCount = min((UINT)cbCount, sizeof(object));
cjMaxSize = min((UINT)cjBufferSize, sizeof(object));
/* Now do the actual call */
iRetCount = GreGetObject(hobj, cbCount, lpBuffer ? &object : NULL);
cbCopyCount = min((UINT)cbCount, (UINT)iRetCount);
iResult = GreGetObject(hobj, cjMaxSize, lpBuffer ? &object : NULL);
/* Make sure we have a buffer and a copy size */
if ((cbCopyCount) && (lpBuffer))
/* Check if we have a buffer and data */
if ((lpBuffer != NULL) && (iResult != 0))
{
/* Enter SEH for buffer transfer */
_SEH2_TRY
{
/* Probe the buffer and copy it */
ProbeForWrite(lpBuffer, cbCopyCount, sizeof(WORD));
RtlCopyMemory(lpBuffer, &object, cbCopyCount);
cjMaxSize = min(cjMaxSize, iResult);
ProbeForWrite(lpBuffer, cjMaxSize, sizeof(WORD));
RtlCopyMemory(lpBuffer, &object, cjMaxSize);
}
_SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
{
/* Clear the return value.
* Do *NOT* set last error here! */
iRetCount = 0;
iResult = 0;
}
_SEH2_END;
}
/* Return the count */
return iRetCount;
return iResult;
}
W32KAPI
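Review bot: In NtGdiExtGetObjectW the stack union `object` is copied to the user buffer without ever being cleared, so any bytes GreGetObject leaves unwritten (structure padding, or a return count larger than what it filled in) would reach user mode as stale kernel stack contents. GreGetObject is not visible here, so this is a precaution rather than a confirmed leak: add `RtlZeroMemory(&object, sizeof(object));` before the call. `iResult` is also a `UINT` while the function returns `INT`. If GreGetObject can return a negative value, `min(cjMaxSize, iResult)` would select `cjMaxSize` and copy the whole buffer, so a signed check on the return value before the copy is worth adding.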


@ -127,6 +127,7 @@ GdiPoolAllocate(
PLIST_ENTRY ple;
PVOID pvAlloc, pvBaseAddress;
SIZE_T cjSize;
NTSTATUS status;
/* Disable APCs and acquire the pool lock */
KeEnterCriticalRegion();
@ -191,12 +192,17 @@ GdiPoolAllocate(
/* Commit the pages */
pvBaseAddress = PAGE_ALIGN(pvAlloc);
cjSize = ADDRESS_AND_SIZE_TO_SPAN_PAGES(pvAlloc, pPool->cjAllocSize) * PAGE_SIZE;
ZwAllocateVirtualMemory(NtCurrentProcess(),
&pvBaseAddress,
0,
&cjSize,
MEM_COMMIT,
PAGE_READWRITE);
status = ZwAllocateVirtualMemory(NtCurrentProcess(),
&pvBaseAddress,
0,
&cjSize,
MEM_COMMIT,
PAGE_READWRITE);
if (!NT_SUCCESS(status))
{
pvAlloc = NULL;
goto done;
}
pSection->ulCommitBitmap |= ulPageBit;
}
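Review bot: The new failure branch sets `pvAlloc = NULL` and jumps to `done`, but whatever the function did earlier to reserve this slot is left as it was. That earlier code is outside the hunk. If an allocation bit or counter was already updated before the commit step, the branch should undo it before `goto done`, otherwise each failed commit permanently consumes a slot in the section. Logging the status in this branch would also make the failure visible, e.g. `DPRINT1("Failed to commit pool pages: 0x%lx\n", status);`.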


@ -420,7 +420,8 @@ NtGdiPolyDraw(
{
PDC dc;
PDC_ATTR pdcattr;
POINT *line_pts = NULL, *line_pts_old, *bzr_pts = NULL, bzr[4];
POINT bzr[4];
volatile PPOINT line_pts, line_pts_old, bzr_pts;
INT num_pts, num_bzr_pts, space, space_old, size;
ULONG i;
BOOL result = FALSE;
@ -441,6 +442,10 @@ NtGdiPolyDraw(
return TRUE;
}
line_pts = NULL;
line_pts_old = NULL;
bzr_pts = NULL;
_SEH2_TRY
{
ProbeArrayForRead(lppt, sizeof(POINT), cCount, sizeof(LONG));
@ -475,6 +480,12 @@ NtGdiPolyDraw(
space = cCount + 300;
line_pts = ExAllocatePoolWithTag(PagedPool, space * sizeof(POINT), TAG_SHAPE);
if (line_pts == NULL)
{
result = FALSE;
_SEH2_LEAVE;
}
num_pts = 1;
line_pts[0].x = pdcattr->ptlCurrent.x;
@ -510,10 +521,12 @@ NtGdiPolyDraw(
if (!line_pts) _SEH2_LEAVE;
RtlCopyMemory(line_pts, line_pts_old, space_old * sizeof(POINT));
ExFreePoolWithTag(line_pts_old, TAG_SHAPE);
line_pts_old = NULL;
}
RtlCopyMemory( &line_pts[num_pts], &bzr_pts[1], (num_bzr_pts - 1) * sizeof(POINT) );
num_pts += num_bzr_pts - 1;
ExFreePoolWithTag(bzr_pts, TAG_BEZIER);
bzr_pts = NULL;
}
i += 2;
break;
@ -523,7 +536,6 @@ NtGdiPolyDraw(
if (num_pts >= 2) IntGdiPolyline( dc, line_pts, num_pts );
IntGdiMoveToEx( dc, line_pts[num_pts - 1].x, line_pts[num_pts - 1].y, NULL, TRUE );
ExFreePoolWithTag(line_pts, TAG_SHAPE);
result = TRUE;
}
_SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
@ -532,6 +544,21 @@ NtGdiPolyDraw(
}
_SEH2_END;
if (line_pts != NULL)
{
ExFreePoolWithTag(line_pts, TAG_SHAPE);
}
if ((line_pts_old != NULL) && (line_pts_old != line_pts))
{
ExFreePoolWithTag(line_pts_old, TAG_SHAPE);
}
if (bzr_pts != NULL)
{
ExFreePoolWithTag(bzr_pts, TAG_BEZIER);
}
DC_UnlockDc(dc);
return result;
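Review bot: Both allocation-failure exits, the new `if (line_pts == NULL)` branch and the existing `if (!line_pts) _SEH2_LEAVE;`, return FALSE without setting a last error, so the caller cannot tell out-of-memory from bad input. Add `EngSetLastError(ERROR_NOT_ENOUGH_MEMORY);` before each `_SEH2_LEAVE`. The `result = FALSE;` in the new branch is redundant because `result` is initialised to FALSE at its declaration. The function starts and ends outside these hunks, and the body of the exception handler is not shown.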


@ -312,6 +312,12 @@ NtGdiExtCreatePen(
if (dwStyleCount > 0)
{
if (pUnsafeStyle == NULL)
{
EngSetLastError(ERROR_INVALID_PARAMETER);
return 0;
}
pSafeStyle = ExAllocatePoolWithTag(NonPagedPool,
dwStyleCount * sizeof(DWORD),
GDITAG_PENSTYLE);
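Review bot: The allocation size `dwStyleCount * sizeof(DWORD)` is computed from a caller-supplied count, and the new NULL check does not bound it. If no upper limit is enforced earlier in the function (not visible in this hunk), a large count can wrap the multiplication on 32-bit builds and yield a buffer smaller than the data later copied into it. Reject oversized counts next to the new check, e.g. `if (dwStyleCount > MAX_STYLE_COUNT) { EngSetLastError(ERROR_INVALID_PARAMETER); return 0; }`, where `MAX_STYLE_COUNT` is a placeholder for the project's limit. The NULL test only improves error reporting, so the read from `pUnsafeStyle` still has to be probed under SEH, which this hunk does not show.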


@ -523,11 +523,9 @@ APIENTRY
NtGdiGetTextMetricsW(
IN HDC hDC,
OUT TMW_INTERNAL * pUnsafeTmwi,
IN ULONG cj
)
IN ULONG cj)
{
TMW_INTERNAL Tmwi;
NTSTATUS Status = STATUS_SUCCESS;
if ( cj <= sizeof(TMW_INTERNAL) )
{
@ -540,15 +538,11 @@ NtGdiGetTextMetricsW(
}
_SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
{
Status = _SEH2_GetExceptionCode();
SetLastNtError(_SEH2_GetExceptionCode());
return FALSE;
}
_SEH2_END
if (!NT_SUCCESS(Status))
{
SetLastNtError(Status);
return FALSE;
}
return TRUE;
}
}
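Review bot: The exception handler in NtGdiGetTextMetricsW now leaves the function with a bare `return FALSE;` inside `_SEH2_EXCEPT`. ReactOS code normally exits a PSEH block through `_SEH2_YIELD`, because on compilers where PSEH is emulated a plain return can skip the frame cleanup. Write `_SEH2_YIELD(return FALSE);` instead. The try block and the start of the function are only partly visible in these hunks.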


@ -286,7 +286,7 @@ DxEngGetHdevData(HDEV hDev,
DPRINT1("ReactX Calling : DxEngGetHdevData DXEGSHDEVDATA : %ld\n", Type);
#if 1
DPRINT1("HDEV hDev %08lx\n", hDev);
DPRINT1("HDEV hDev %p\n", hDev);
#endif
switch ( Type )
@ -454,7 +454,7 @@ DxEngGetDCState(HDC hDC,
PDC pDC = DC_LockDc(hDC);
DWORD_PTR retVal = 0;
DPRINT1("ReactX Calling : DxEngGetDCState type : %ld\n", type);
DPRINT1("ReactX Calling : DxEngGetDCState type : %lu\n", type);
if (pDC)
{
@ -474,7 +474,7 @@ DxEngGetDCState(HDC hDC,
}
default:
/* If a valid type is not found, zero is returned */
DPRINT1("Warning: did not find type %d\n",type);
DPRINT1("Warning: did not find type %lu\n", type);
break;
}
DC_UnlockDc(pDC);
@ -531,7 +531,7 @@ DxEngLockHdev(HDEV hDev)
DPRINT1("ReactX Calling : DxEngLockHdev \n");
DPRINT1("hDev : 0x%08lx\n",hDev);
DPRINT1("hDev : 0x%p\n",hDev);
Resource = (PERESOURCE)ppdev->hsemDevLock;


@ -382,7 +382,7 @@ co_IntLoadSysMenuTemplate()
UserLeaveCo();
Status = KeUserModeCallback(USER32_CALLBACK_LOADSYSMENUTEMPLATE,
NULL,
&ResultPointer,
0,
&ResultPointer,
&ResultLength);
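Review bot: After this call `ResultPointer` and `ResultLength` hold values produced by user mode, and the hunk ends before any use of them. The code that reads the result should first check `Status`, then validate `ResultLength` against the expected size, and touch `ResultPointer` only under SEH after probing it. None of that is visible here, so this is a request to confirm rather than a reported defect. A short comment at the call, such as `/* ResultPointer is user-mode memory: probe before use */`, would document the trust boundary.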