Fix parameter validation in WM_GETTEXT and GetWindowText. Modified: trunk/reactos/lib/user32/windows/defwnd.c Modified: trunk/reactos/lib/user32/windows/window.c _____ Modified: trunk/reactos/lib/user32/windows/defwnd.c --- trunk/reactos/lib/user32/windows/defwnd.c 2005-09-20 09:28:49 UTC (rev 17943) +++ trunk/reactos/lib/user32/windows/defwnd.c 2005-09-20 09:31:13 UTC (rev 17944) @@ -1426,10 +1426,6 @@ LPSTR AnsiBuffer = (LPSTR)lParam; INT Length; - if (wParam > 1) - { - *((PWSTR)lParam) = '\0'; - } Buffer = HeapAlloc(GetProcessHeap(), 0, wParam * sizeof(WCHAR)); if (!Buffer) return FALSE; @@ -1505,10 +1501,6 @@ case WM_GETTEXT: { - if (wParam > 1) - { - *((PWSTR)lParam) = L'\0'; - } return (LRESULT)NtUserInternalGetWindowText(hWnd, (PWSTR)lParam, wParam); } _____ Modified: trunk/reactos/lib/user32/windows/window.c --- trunk/reactos/lib/user32/windows/window.c 2005-09-20 09:28:49 UTC (rev 17943) +++ trunk/reactos/lib/user32/windows/window.c 2005-09-20 09:31:13 UTC (rev 17944) @@ -819,39 +819,36 @@ int STDCALL GetWindowTextA(HWND hWnd, LPSTR lpString, int nMaxCount) { - DWORD ProcessId; - if(!NtUserGetWindowThreadProcessId(hWnd, &ProcessId)) - { - return 0; - } + DWORD ProcessId; + + if (lpString == NULL) + return 0; - if(ProcessId != GetCurrentProcessId()) - { - /* do not send WM_GETTEXT messages to other processes */ - LPWSTR Buffer; - INT Length; + if (!NtUserGetWindowThreadProcessId(hWnd, &ProcessId)) + return 0; - if (nMaxCount > 1) - { - *((PWSTR)lpString) = '\0'; - } - Buffer = HeapAlloc(GetProcessHeap(), 0, nMaxCount * sizeof(WCHAR)); - if (!Buffer) - return FALSE; - Length = NtUserInternalGetWindowText(hWnd, Buffer, nMaxCount); - if (Length > 0 && nMaxCount > 0 && - !WideCharToMultiByte(CP_ACP, 0, Buffer, -1, - lpString, nMaxCount, NULL, NULL)) - { - lpString[0] = '\0'; - } + if (ProcessId != GetCurrentProcessId()) + { + /* do not send WM_GETTEXT messages to other processes */ + LPWSTR Buffer; + INT Length; - HeapFree(GetProcessHeap(), 0, Buffer); + Buffer = HeapAlloc(GetProcessHeap(), 0, nMaxCount * sizeof(WCHAR)); + if (!Buffer) + return FALSE; + Length = NtUserInternalGetWindowText(hWnd, Buffer, nMaxCount); + if (Length > 0 && nMaxCount > 0 && + !WideCharToMultiByte(CP_ACP, 0, Buffer, -1, + lpString, nMaxCount, NULL, NULL)) + { + lpString[0] = '\0'; + } + HeapFree(GetProcessHeap(), 0, Buffer); - return (LRESULT)Length; - } + return (LRESULT)Length; + } - return(SendMessageA(hWnd, WM_GETTEXT, nMaxCount, (LPARAM)lpString)); + return SendMessageA(hWnd, WM_GETTEXT, nMaxCount, (LPARAM)lpString); } @@ -903,29 +900,20 @@ * @implemented */ int STDCALL -GetWindowTextW( - HWND hWnd, - LPWSTR lpString, - int nMaxCount) +GetWindowTextW(HWND hWnd, LPWSTR lpString, int nMaxCount) { - DWORD ProcessId; - if(!NtUserGetWindowThreadProcessId(hWnd, &ProcessId)) - { - return 0; - } + DWORD ProcessId; + + if (lpString == NULL) + return 0; - if(ProcessId == GetCurrentProcessId()) - { - return(SendMessageW(hWnd, WM_GETTEXT, nMaxCount, (LPARAM)lpString)); - } + if (!NtUserGetWindowThreadProcessId(hWnd, &ProcessId)) + return 0; - /* do not send WM_GETTEXT messages to other processes */ - if (nMaxCount > 1) - { - *((PWSTR)lpString) = L'\0'; - } + if (ProcessId == GetCurrentProcessId()) + return SendMessageW(hWnd, WM_GETTEXT, nMaxCount, (LPARAM)lpString); - return (LRESULT)NtUserInternalGetWindowText(hWnd, (PWSTR)lpString, nMaxCount); + return NtUserInternalGetWindowText(hWnd, lpString, nMaxCount); } DWORD STDCALL