[reactos] 01/01: [SHELL32] Fix some NULL-pointers validation. - Ros-diffs

8 Jun 2019

https://git.reactos.org/?p=reactos.git;a=commitdiff;h=ae2a85d003da762e4bcb23...
commit ae2a85d003da762e4bcb232b15f1180333e5917a
Author:     Hermès Bélusca-Maïto hermes.belusca-maito@reactos.org
AuthorDate: Sat Jun 8 19:43:02 2019 +0200
Commit:     Hermès Bélusca-Maïto hermes.belusca-maito@reactos.org
CommitDate: Sat Jun 8 19:43:02 2019 +0200
[SHELL32] Fix some NULL-pointers validation.
- In the exported SHCreateDefaultContextMenu() and
      IDataObject_Constructor() functions (called amongst others by
      the exported CIDLData_CreateFromIDArray() function).
- In the exported SHCreateShellFolderView() function.
- In CDefView::GetItemObject(), where data was written to *ppvOut before
      ppvOut was being checked for NULL.
---
 dll/win32/shell32/CDefView.cpp            | 11 ++++++-----
 dll/win32/shell32/CDefaultContextMenu.cpp |  7 ++++++-
 dll/win32/shell32/CIDLDataObj.cpp         |  2 ++
 3 files changed, 14 insertions(+), 6 deletions(-)

diff --git a/dll/win32/shell32/CDefView.cpp b/dll/win32/shell32/CDefView.cpp
index 334e0b3613..8541e56fa7 100644
--- a/dll/win32/shell32/CDefView.cpp
+++ b/dll/win32/shell32/CDefView.cpp
@@ -2419,6 +2419,9 @@ HRESULT WINAPI CDefView::GetItemObject(UINT uItem, REFIID riid, LPVOID *ppvOut)
TRACE("(%p)->(uItem=0x%08x,\n\tIID=%s, ppv=%p)\n", this, uItem, debugstr_guid(&riid), ppvOut);
+    if (!ppvOut)
+        return E_INVALIDARG;
+
     *ppvOut = NULL;
switch (uItem)
@@ -2426,9 +2429,6 @@ HRESULT WINAPI CDefView::GetItemObject(UINT uItem, REFIID riid, LPVOID *ppvOut)
         case SVGIO_BACKGROUND:
             if (IsEqualIID(riid, IID_IContextMenu))
             {
-                if (!ppvOut)
-                    hr = E_OUTOFMEMORY;
-
                 hr = CDefViewBckgrndMenu_CreateInstance(m_pSF2Parent, riid, ppvOut);
                 if (FAILED_UNEXPECTEDLY(hr))
                     return hr;
@@ -3449,13 +3449,14 @@ HRESULT WINAPI SHCreateShellFolderView(const SFV_CREATE *pcsfv,
     CComPtr<IShellView> psv;
     HRESULT hRes;
-    *ppsv = NULL;
-    if (!pcsfv || pcsfv->cbSize != sizeof(*pcsfv))
+    if (!ppsv || !pcsfv || pcsfv->cbSize != sizeof(*pcsfv))
         return E_INVALIDARG;
TRACE("sf=%p outer=%p callback=%p\n",
       pcsfv->pshf, pcsfv->psvOuter, pcsfv->psfvcb);
+    *ppsv = NULL;
+
     hRes = CDefView_CreateInstance(pcsfv->pshf, IID_PPV_ARG(IShellView, &psv));
     if (FAILED(hRes))
         return hRes;
diff --git a/dll/win32/shell32/CDefaultContextMenu.cpp b/dll/win32/shell32/CDefaultContextMenu.cpp
index 93ce54c984..a65e5a05ab 100644
--- a/dll/win32/shell32/CDefaultContextMenu.cpp
+++ b/dll/win32/shell32/CDefaultContextMenu.cpp
@@ -1472,7 +1472,12 @@ HRESULT
 WINAPI
 SHCreateDefaultContextMenu(const DEFCONTEXTMENU *pdcm, REFIID riid, void **ppv)
 {
-    HRESULT hr = CDefaultContextMenu_CreateInstance(pdcm, NULL, riid, ppv);
+    HRESULT hr;
+
+    if (!ppv)
+        return E_INVALIDARG;
+
+    hr = CDefaultContextMenu_CreateInstance(pdcm, NULL, riid, ppv);
     if (FAILED_UNEXPECTEDLY(hr))
         return hr;
diff --git a/dll/win32/shell32/CIDLDataObj.cpp b/dll/win32/shell32/CIDLDataObj.cpp
index a446adaf7b..a28aed1718 100644
--- a/dll/win32/shell32/CIDLDataObj.cpp
+++ b/dll/win32/shell32/CIDLDataObj.cpp
@@ -410,6 +410,8 @@ HRESULT WINAPI CIDLDataObj::EndOperation(HRESULT hResult, IBindCtx *pbcReserved,
 */
 HRESULT IDataObject_Constructor(HWND hwndOwner, PCIDLIST_ABSOLUTE pMyPidl, PCUIDLIST_RELATIVE_ARRAY apidl, UINT cidl, IDataObject **dataObject)
 {
+    if (!dataObject)
+        return E_INVALIDARG;
     return ShellObjectCreatorInit<CIDLDataObj>(hwndOwner, pMyPidl, apidl, cidl, IID_PPV_ARG(IDataObject, dataObject));
 }

    