Jérôme Gardou wrote:
- Probing the BITMAPINFO and then passing the usermode buffer to the
internal and unprotected function is not enough. The buffer must be
copied.
OK, it's safer this way.
It's not a matter of "safe, safer,
safest". It's wrong vs correct.
Accessing the usermode buffer without SEH == unsafe!
- The
BITMAPV5HEADER is only ~120 bytes and only used once per function
call, so putting the safe buffer on the stack is appropriate. The buffer
needs be large enough for V5 anyway, so why not fixup some values and
make it a full V5 header?
No, all values added by V4/V5 headers are for ICM. If there is only a
BITMAPINFOHEADER there, then we don't have to care about ICM. If we
"convert" it to a V5 header, all values will be 0, that's not worth
the effort.
There are also the color masks. In V4/V5 there are dedicated fields
for
these masks, while in the BITMAPINFO they are in the bmiColors array.
If *bV5CSType == *LCS_sRGB or LCS_WINDOWS_COLOR_SPACE, then the other
fields are ignored, so here is no additional effort.
The only "effort" to make here is to take
care of where the color
buffer is : bmi + bmi->bmiHeader.biSize and not bmi->bmiColors. Then
check in some functions if we have a V4/V5 header to take care of the
features they have.
Exactly. And why do you want to multiply this effort? Why do
you want to
handle this everywhere you use a BITMAPINFO instead of in exactly one
place?
Timo