[ros-diffs] [reactos] 01/01: [SHELL32] Fix CDefView UAF

4 Nov 2022

https://git.reactos.org/?p=reactos.git;a=commitdiff;h=2567a663998d8da0e5353b...
commit 2567a663998d8da0e5353be6d4ec58b60a21f436
Author:     Mark Jansen mark.jansen@reactos.org
AuthorDate: Thu Oct 27 23:53:48 2022 +0200
Commit:     Mark Jansen mark.jansen@reactos.org
CommitDate: Fri Nov 4 23:01:31 2022 +0100
[SHELL32] Fix CDefView UAF
---
 dll/win32/shell32/CDefView.cpp | 8 +++-----
 1 file changed, 3 insertions(+), 5 deletions(-)

diff --git a/dll/win32/shell32/CDefView.cpp b/dll/win32/shell32/CDefView.cpp
index 321fb53ae08..95ccfa5973e 100644
--- a/dll/win32/shell32/CDefView.cpp
+++ b/dll/win32/shell32/CDefView.cpp
@@ -308,7 +308,6 @@ class CDefView :
         LRESULT OnSysColorChange(UINT uMsg, WPARAM wParam, LPARAM lParam, BOOL &bHandled);
         LRESULT OnGetShellBrowser(UINT uMsg, WPARAM wParam, LPARAM lParam, BOOL &bHandled);
         LRESULT OnNCCreate(UINT uMsg, WPARAM wParam, LPARAM lParam, BOOL &bHandled);
-        LRESULT OnNCDestroy(UINT uMsg, WPARAM wParam, LPARAM lParam, BOOL &bHandled);
         LRESULT OnCreate(UINT uMsg, WPARAM wParam, LPARAM lParam, BOOL &bHandled);
         LRESULT OnContextMenu(UINT uMsg, WPARAM wParam, LPARAM lParam, BOOL &bHandled);
         LRESULT OnSize(UINT uMsg, WPARAM wParam, LPARAM lParam, BOOL &bHandled);
@@ -322,6 +321,8 @@ class CDefView :
         LRESULT OnSettingChange(UINT uMsg, WPARAM wParam, LPARAM lParam, BOOL &bHandled);
         LRESULT OnInitMenuPopup(UINT uMsg, WPARAM wParam, LPARAM lParam, BOOL &bHandled);
+        virtual VOID OnFinalMessage(HWND) override;
+
         static ATL::CWndClassInfo& GetWndClassInfo()
         {
             static ATL::CWndClassInfo wc =
@@ -358,7 +359,6 @@ class CDefView :
         MESSAGE_HANDLER(WM_SETFOCUS, OnSetFocus)
         MESSAGE_HANDLER(WM_KILLFOCUS, OnKillFocus)
         MESSAGE_HANDLER(WM_NCCREATE, OnNCCreate)
-        MESSAGE_HANDLER(WM_NCDESTROY, OnNCDestroy)
         MESSAGE_HANDLER(WM_CREATE, OnCreate)
         MESSAGE_HANDLER(WM_ACTIVATE, OnActivate)
         MESSAGE_HANDLER(WM_NOTIFY, OnNotify)
@@ -1228,11 +1228,9 @@ LRESULT CDefView::OnNCCreate(UINT uMsg, WPARAM wParam, LPARAM lParam, BOOL &bHan
     return 0;
 }
-LRESULT CDefView::OnNCDestroy(UINT uMsg, WPARAM wParam, LPARAM lParam, BOOL &bHandled)
+VOID CDefView::OnFinalMessage(HWND)
 {
     this->Release();
-    bHandled = FALSE;
-    return 0;
 }
/**********************************************************

    

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

[ros-diffs] [reactos] 01/01: [SHELL32] Fix CDefView UAF