[ros-diffs] [greatlrd] 26860: Fixing another memory crash bug this time for GetFourCCCodes

Author: greatlrd Date: Tue May 22 00:51:55 2007 New Revision: 26860 URL: http://svn.reactos.org/svn/reactos?rev=26860&view=rev Log: Fixing another memory crash bug this time for GetFourCCCodes Modified: trunk/reactos/dll/directx/ddraw/Ddraw/ddraw_main.c trunk/reactos/dll/directx/ddraw/startup.c Modified: trunk/reactos/dll/directx/ddraw/Ddraw/ddraw_main.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/dll/directx/ddraw/Ddraw/dd… ============================================================================== --- trunk/reactos/dll/directx/ddraw/Ddraw/ddraw_main.c (original) +++ trunk/reactos/dll/directx/ddraw/Ddraw/ddraw_main.c Tue May 22 00:51:55 2007 @@ -146,28 +146,31 @@ Main_DirectDraw_GetFourCCCodes(LPDIRECTDRAW7 iface, LPDWORD lpNumCodes, LPDWORD lpCodes) { LPDDRAWI_DIRECTDRAW_INT This = (LPDDRAWI_DIRECTDRAW_INT)iface; + HRESULT retVal = DD_OK; + DX_WINDBG_trace(); /* FIXME protect with SEH or something else if lpCodes or lpNumCodes for bad user pointers */ EnterCriticalSection(&ddcs); - if(!lpNumCodes) - { - LeaveCriticalSection(&ddcs); - return DDERR_INVALIDPARAMS; - } - - if(lpCodes) - { - memcpy(lpCodes, This->lpLcl->lpGbl->lpdwFourCC, sizeof(DWORD)* min(This->lpLcl->lpGbl->dwNumFourCC, *lpNumCodes)); - } - else - { - *lpNumCodes = This->lpLcl->lpGbl->dwNumFourCC; - } + if(!lpNumCodes) + { + retVal = DDERR_INVALIDPARAMS; + } + else + { + if ((lpCodes) && (*lpCodes)) + { + memcpy(lpCodes, This->lpLcl->lpGbl->lpdwFourCC, sizeof(DWORD)* min(This->lpLcl->lpGbl->dwNumFourCC, *lpNumCodes)); + } + else + { + *lpNumCodes = This->lpLcl->lpGbl->dwNumFourCC; + } + } LeaveCriticalSection(&ddcs); - return DD_OK; + return retVal; } HRESULT WINAPI Modified: trunk/reactos/dll/directx/ddraw/startup.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/dll/directx/ddraw/startup.… ============================================================================== --- trunk/reactos/dll/directx/ddraw/startup.c (original) +++ trunk/reactos/dll/directx/ddraw/startup.c Tue May 22 00:51:55 2007 @@ -188,7 +188,7 @@ if (reenable == FALSE) { - if (This->lpLink == NULL) + if ((!IsBadReadPtr(This->lpLink,sizeof(LPDIRECTDRAW))) && (This->lpLink == NULL)) { RtlZeroMemory(&ddgbl, sizeof(DDRAWI_DIRECTDRAW_GBL)); This->lpLcl->lpGbl->dwRefCnt++; @@ -470,6 +470,8 @@ // FIXME Close DX fristcall and second call return DD_FALSE; } + + DX_STUB_str("Here\n"); /* Alloc mpFourCC */ mpFourCC = NULL;