4 Nov
2022
4 Nov
'22
10:02 p.m.
https://git.reactos.org/?p=reactos.git;a=commitdiff;h=2567a663998d8da0e5353…
commit 2567a663998d8da0e5353be6d4ec58b60a21f436
Author: Mark Jansen <mark.jansen(a)reactos.org>
AuthorDate: Thu Oct 27 23:53:48 2022 +0200
Commit: Mark Jansen <mark.jansen(a)reactos.org>
CommitDate: Fri Nov 4 23:01:31 2022 +0100
[SHELL32] Fix CDefView UAF
---
dll/win32/shell32/CDefView.cpp | 8 +++-----
1 file changed, 3 insertions(+), 5 deletions(-)
diff --git a/dll/win32/shell32/CDefView.cpp b/dll/win32/shell32/CDefView.cpp
index 321fb53ae08..95ccfa5973e 100644
--- a/dll/win32/shell32/CDefView.cpp
+++ b/dll/win32/shell32/CDefView.cpp
@@ -308,7 +308,6 @@ class CDefView :
LRESULT OnSysColorChange(UINT uMsg, WPARAM wParam, LPARAM lParam, BOOL
&bHandled);
LRESULT OnGetShellBrowser(UINT uMsg, WPARAM wParam, LPARAM lParam, BOOL
&bHandled);
LRESULT OnNCCreate(UINT uMsg, WPARAM wParam, LPARAM lParam, BOOL &bHandled);
- LRESULT OnNCDestroy(UINT uMsg, WPARAM wParam, LPARAM lParam, BOOL &bHandled);
LRESULT OnCreate(UINT uMsg, WPARAM wParam, LPARAM lParam, BOOL &bHandled);
LRESULT OnContextMenu(UINT uMsg, WPARAM wParam, LPARAM lParam, BOOL
&bHandled);
LRESULT OnSize(UINT uMsg, WPARAM wParam, LPARAM lParam, BOOL &bHandled);
@@ -322,6 +321,8 @@ class CDefView :
LRESULT OnSettingChange(UINT uMsg, WPARAM wParam, LPARAM lParam, BOOL
&bHandled);
LRESULT OnInitMenuPopup(UINT uMsg, WPARAM wParam, LPARAM lParam, BOOL
&bHandled);
+ virtual VOID OnFinalMessage(HWND) override;
+
static ATL::CWndClassInfo& GetWndClassInfo()
{
static ATL::CWndClassInfo wc =
@@ -358,7 +359,6 @@ class CDefView :
MESSAGE_HANDLER(WM_SETFOCUS, OnSetFocus)
MESSAGE_HANDLER(WM_KILLFOCUS, OnKillFocus)
MESSAGE_HANDLER(WM_NCCREATE, OnNCCreate)
- MESSAGE_HANDLER(WM_NCDESTROY, OnNCDestroy)
MESSAGE_HANDLER(WM_CREATE, OnCreate)
MESSAGE_HANDLER(WM_ACTIVATE, OnActivate)
MESSAGE_HANDLER(WM_NOTIFY, OnNotify)
@@ -1228,11 +1228,9 @@ LRESULT CDefView::OnNCCreate(UINT uMsg, WPARAM wParam, LPARAM
lParam, BOOL &bHan
return 0;
}
-LRESULT CDefView::OnNCDestroy(UINT uMsg, WPARAM wParam, LPARAM lParam, BOOL
&bHandled)
+VOID CDefView::OnFinalMessage(HWND)
{
this->Release();
- bHandled = FALSE;
- return 0;
}
/**********************************************************
1092
days inactive
1092
days old
0 comments
1 participants
participants (1)
-
Mark Jansen