[ros-diffs] [reactos] 99/218: [WINESYNC] d3dx9: Secure against unsafe iface to COM object transitions.

https://git.reactos.org/?p=reactos.git;a=commitdiff;h=9add999c513f92e72545f… commit 9add999c513f92e72545ffcbedaf03ff8dd4170a Author: winesync <ros-dev(a)reactos.org> AuthorDate: Mon Sep 21 22:50:18 2020 +0200 Commit: Jérôme Gardou <jerome.gardou(a)reactos.org> CommitDate: Thu Feb 4 16:37:03 2021 +0100 [WINESYNC] d3dx9: Secure against unsafe iface to COM object transitions. Signed-off-by: Michael Stefaniuc <mstefani(a)winehq.org> Signed-off-by: Matteo Bruni <mbruni(a)codeweavers.com> Signed-off-by: Alexandre Julliard <julliard(a)winehq.org> wine commit id cd3e5020e4c87f49eb042fff9f607b6d745a5d55 by Michael Stefaniuc <mstefani(a)winehq.org> --- dll/directx/wine/d3dx9_36/effect.c | 13 ++++++++++++- sdk/tools/winesync/d3dx9.cfg | 2 +- 2 files changed, 13 insertions(+), 2 deletions(-) diff --git a/dll/directx/wine/d3dx9_36/effect.c b/dll/directx/wine/d3dx9_36/effect.c index cd022dbf0ec..52908a274f1 100644 --- a/dll/directx/wine/d3dx9_36/effect.c +++ b/dll/directx/wine/d3dx9_36/effect.c @@ -1772,6 +1772,8 @@ static inline struct d3dx_effect_pool *impl_from_ID3DXEffectPool(ID3DXEffectPool return CONTAINING_RECORD(iface, struct d3dx_effect_pool, ID3DXEffectPool_iface); } +static inline struct d3dx_effect_pool *unsafe_impl_from_ID3DXEffectPool(ID3DXEffectPool *iface); + static inline struct d3dx_effect *impl_from_ID3DXEffect(ID3DXEffect *iface) { return CONTAINING_RECORD(iface, struct d3dx_effect, ID3DXEffect_iface); @@ -6168,8 +6170,8 @@ static HRESULT d3dx9_effect_init(struct d3dx_effect *effect, struct IDirect3DDev if (pool) { + effect->pool = unsafe_impl_from_ID3DXEffectPool(pool); pool->lpVtbl->AddRef(pool); - effect->pool = impl_from_ID3DXEffectPool(pool); } IDirect3DDevice9_AddRef(device); @@ -6481,6 +6483,15 @@ static const struct ID3DXEffectPoolVtbl ID3DXEffectPool_Vtbl = d3dx_effect_pool_Release }; +static inline struct d3dx_effect_pool *unsafe_impl_from_ID3DXEffectPool(ID3DXEffectPool *iface) +{ + if (!iface) + return NULL; + + assert(iface->lpVtbl == &ID3DXEffectPool_Vtbl); + return impl_from_ID3DXEffectPool(iface); +} + HRESULT WINAPI D3DXCreateEffectPool(ID3DXEffectPool **pool) { struct d3dx_effect_pool *object; diff --git a/sdk/tools/winesync/d3dx9.cfg b/sdk/tools/winesync/d3dx9.cfg index 2a08def01b1..616db55328b 100644 --- a/sdk/tools/winesync/d3dx9.cfg +++ b/sdk/tools/winesync/d3dx9.cfg @@ -15,4 +15,4 @@ files: {include/d3dx9.h: sdk/include/dxsdk/d3dx9.h, include/d3dx9anim.h: sdk/inc include/d3dx9mesh.h: sdk/include/dxsdk/d3dx9mesh.h, include/d3dx9of.h: sdk/include/dxsdk/d3dx9of.h, include/d3dx9shader.h: sdk/include/dxsdk/d3dx9shader.h, include/d3dx9shape.h: sdk/include/dxsdk/d3dx9shape.h, include/d3dx9tex.h: sdk/include/dxsdk/d3dx9tex.h, include/d3dx9xof.h: sdk/include/dxsdk/d3dx9xof.h} -tags: {wine: 3b951b77f87ed9102fc7a2ccb0807b5592990147} +tags: {wine: cd3e5020e4c87f49eb042fff9f607b6d745a5d55}