From dbb72f492373533c1f943542de5f55029e9e3f09 Mon Sep 17 00:00:00 2001 From: Timo Kreuzer Date: Wed, 11 Sep 2024 15:59:28 +0300 Subject: [PATCH] [NTUSER] Fix unaligned access in co_IntSetWindowLongPtr --- win32ss/user/ntuser/window.c | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/win32ss/user/ntuser/window.c b/win32ss/user/ntuser/window.c index 2d25e99cf67..a21c559d9ff 100644 --- a/win32ss/user/ntuser/window.c +++ b/win32ss/user/ntuser/window.c @@ -9,6 +9,8 @@ #include #include +#include + DBG_DEFAULT_CHANNEL(UserWnd); INT gNestedWindowLimit = 50; @@ -3842,16 +3844,18 @@ co_IntSetWindowLongPtr(HWND hWnd, DWORD Index, LONG_PTR NewValue, BOOL Ansi, ULO return 0; } + PVOID Address = (PUCHAR)(&Window[1]) + Index; + #ifdef _WIN64 if (Size == sizeof(LONG)) { - OldValue = *((LONG *)((PCHAR)(Window + 1) + Index)); - *((LONG*)((PCHAR)(Window + 1) + Index)) = (LONG)NewValue; + OldValue = ReadUnalignedU32(Address); + WriteUnalignedU32(Address, NewValue); } else #endif { - OldValue = *((LONG_PTR *)((PCHAR)(Window + 1) + Index)); + OldValue = ReadUnalignedUlongPtr(Address); /* if ( Index == DWLP_DLGPROC && Wnd->state & WNDS_DIALOGWINDOW) { @@ -3859,7 +3863,7 @@ co_IntSetWindowLongPtr(HWND hWnd, DWORD Index, LONG_PTR NewValue, BOOL Ansi, ULO if (!OldValue) return 0; } */ - *((LONG_PTR*)((PCHAR)(Window + 1) + Index)) = NewValue; + WriteUnalignedUlongPtr(Address, NewValue); } }
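Review bot: In the `Size == sizeof(LONG)` branch of the `@@ -3842,16 +3844,18 @@` hunk, `OldValue = ReadUnalignedU32(Address);` may return a different value from the old code when the stored long is negative. The removed line read through `LONG *`, so the result was sign-extended into `OldValue`, whereas a helper named `U32` presumably returns an unsigned 32-bit value that zero-extends on `_WIN64`. The explicit `(LONG)NewValue` truncation was also dropped from the write, leaving an implicit narrowing of a `LONG_PTR`. I would keep both conversions visible: `OldValue = (LONG)ReadUnalignedU32(Address);` and `WriteUnalignedU32(Address, (ULONG)NewValue);`. The helper prototypes, the declaration of `OldValue` and the range check on the caller-supplied `Index` all lie outside the hunk, so confirm against them; the body of co_IntSetWindowLongPtr starts and ends outside the visible lines.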