[jgardou] 47355: [WIN32K] - Check devmode size in NtUserChangeDisplaySettings - Copy memory instead of setting fields in UserEnumDisplaySettings, so we don't lost anything. - Ros-diffs

25 May 2010

Author: jgardou
Date: Wed May 26 00:46:57 2010
New Revision: 47355
URL: http://svn.reactos.org/svn/reactos?rev=47355&view=rev
Log:
[WIN32K]
  - Check devmode size in NtUserChangeDisplaySettings
  - Copy memory instead of setting fields in UserEnumDisplaySettings, so we don't lost anything.
Modified:
    branches/reactos-yarotows/subsystems/win32/win32k/ntuser/display.c
Modified: branches/reactos-yarotows/subsystems/win32/win32k/ntuser/display.c
URL: http://svn.reactos.org/svn/reactos/branches/reactos-yarotows/subsystems/win3...
==============================================================================

--- branches/reactos-yarotows/subsystems/win32/win32k/ntuser/display.c [iso-8859-1] (original)
+++ branches/reactos-yarotows/subsystems/win32/win32k/ntuser/display.c [iso-8859-1] Wed May 26 00:46:57 2010
@@ -648,11 +648,8 @@
             cbExtra = lpDevMode->dmDriverExtra;
ProbeForWrite(lpDevMode, cbSize + cbExtra, 1);
-            lpDevMode->dmPelsWidth = pdm->dmPelsWidth;
-            lpDevMode->dmPelsHeight = pdm->dmPelsHeight;
-            lpDevMode->dmBitsPerPel = pdm->dmBitsPerPel;
-            lpDevMode->dmDisplayFrequency = pdm->dmDisplayFrequency;
-            lpDevMode->dmDisplayFlags = pdm->dmDisplayFlags;
+            /* Output what we got */
+            RtlCopyMemory(lpDevMode, pdm, min(cbSize, pdm->dmSize));
/* output private/extra driver data */
             if (cbExtra > 0 && pdm->dmDriverExtra > 0)
@@ -703,6 +700,8 @@
             return DISP_CHANGE_BADPARAM;
         }
     }
+    else if (pdm->dmSize < FIELD_OFFSET(DEVMODEW, dmFields))
+        return DISP_CHANGE_FAILED;
     else
         dm = *pdm;

    