Author: gadamopoulos Date: Sun Sep 18 12:33:38 2011 New Revision: 53732 URL: http://svn.reactos.org/svn/reactos?rev=53732&view=rev Log: [win32k] - Fix several issues detected by static code analysis Modified: trunk/reactos/subsystems/win32/win32k/ntuser/message.c trunk/reactos/subsystems/win32/win32k/ntuser/window.c trunk/reactos/subsystems/win32/win32k/ntuser/winpos.c Modified: trunk/reactos/subsystems/win32/win32k/ntuser/message.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/subsystems/win32/win32k/nt… ============================================================================== --- trunk/reactos/subsystems/win32/win32k/ntuser/message.c [iso-8859-1] (original) +++ trunk/reactos/subsystems/win32/win32k/ntuser/message.c [iso-8859-1] Sun Sep 18 12:33:38 2011 @@ -334,6 +334,11 @@ return STATUS_SUCCESS; } PackedData = ExAllocatePoolWithTag(NonPagedPool, size, TAG_MSG); + if (PackedData == NULL) + { + ERR("Not enough memory to pack lParam\n"); + return STATUS_NO_MEMORY; + } RtlCopyMemory(PackedData, (PVOID)lParam, MsgMemorySize(MsgMemoryEntry, wParam, lParam)); *lParamPacked = (LPARAM)PackedData; } @@ -375,6 +380,7 @@ { PMSGMEMORY MsgMemoryEntry; MsgMemoryEntry = FindMsgMemory(Msg); + ASSERT(MsgMemoryEntry); if (MsgMemoryEntry->Size < 0) { /* Keep previous behavior */ @@ -587,7 +593,7 @@ CWPR.message = Msg; CWPR.wParam = wParam; CWPR.lParam = lParam; - CWPR.lResult = *uResult; + CWPR.lResult = uResult ? (*uResult) : 0; co_HOOK_CallHooks( WH_CALLWNDPROCRET, HC_ACTION, SameThread, (LPARAM)&CWPR ); } @@ -608,7 +614,7 @@ pti = PsGetCurrentThreadWin32Thread(); - if ( Window->head.pti != pti) + if ( Window && Window->head.pti != pti) { EngSetLastError( ERROR_MESSAGE_SYNC_ONLY ); return 0; @@ -2050,7 +2056,7 @@ { case FNID_DEFWINDOWPROC: /* Validate input */ - if (hWnd && (hWnd != INVALID_HANDLE_VALUE)) + if (hWnd) { Window = UserGetWindowObject(hWnd); if (!Window) @@ -2058,11 +2064,12 @@ UserLeave(); return FALSE; } - } - UserRefObjectCo(Window, &Ref); + UserRefObjectCo(Window, &Ref); + } lResult = IntDefWindowProc(Window, Msg, wParam, lParam, Ansi); Ret = TRUE; - UserDerefObjectCo(Window); + if (hWnd) + UserDerefObjectCo(Window); break; case FNID_SENDNOTIFYMESSAGE: Ret = UserSendNotifyMessage(hWnd, Msg, wParam, lParam); Modified: trunk/reactos/subsystems/win32/win32k/ntuser/window.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/subsystems/win32/win32k/nt… ============================================================================== --- trunk/reactos/subsystems/win32/win32k/ntuser/window.c [iso-8859-1] (original) +++ trunk/reactos/subsystems/win32/win32k/ntuser/window.c [iso-8859-1] Sun Sep 18 12:33:38 2011 @@ -1591,7 +1591,7 @@ Dialog boxes and message boxes do not inherit layout, so you must set the layout explicitly. */ - if ( Class && Class->fnid != FNID_DIALOG) + if ( Class->fnid != FNID_DIALOG) { PPROCESSINFO ppi = PsGetCurrentProcessWin32Process(); if (ppi->dwLayout & LAYOUT_RTL) @@ -2170,6 +2170,9 @@ if (Window->ExStyle & WS_EX_MDICHILD) { + ASSERT(ParentWindow); + if(!ParentWindow) + goto cleanup; co_IntSendMessage(UserHMGetHandle(ParentWindow), WM_MDIREFRESHMENU, 0, 0); /* ShowWindow won't activate child windows */ co_WinPosSetWindowPos(Window, HWND_TOP, 0, 0, 0, 0, SWP_SHOWWINDOW | SWP_NOMOVE | SWP_NOSIZE); @@ -2291,19 +2294,18 @@ lstrWindowName.Buffer = NULL; lstrClassName.Buffer = NULL; - /* Check if we got a Window name */ - if (plstrWindowName) + ASSERT(plstrWindowName); + + /* Copy the window name to kernel mode */ + Status = ProbeAndCaptureLargeString(&lstrWindowName, plstrWindowName); + if (!NT_SUCCESS(Status)) { - /* Copy the string to kernel mode */ - Status = ProbeAndCaptureLargeString(&lstrWindowName, plstrWindowName); - if (!NT_SUCCESS(Status)) - { - ERR("NtUserCreateWindowEx: failed to capture plstrWindowName\n"); - SetLastNtError(Status); - return NULL; - } - plstrWindowName = &lstrWindowName; + ERR("NtUserCreateWindowEx: failed to capture plstrWindowName\n"); + SetLastNtError(Status); + return NULL; } + + plstrWindowName = &lstrWindowName; /* Check if the class is an atom */ if (IS_ATOM(plstrClassName)) Modified: trunk/reactos/subsystems/win32/win32k/ntuser/winpos.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/subsystems/win32/win32k/nt… ============================================================================== --- trunk/reactos/subsystems/win32/win32k/ntuser/winpos.c [iso-8859-1] (original) +++ trunk/reactos/subsystems/win32/win32k/ntuser/winpos.c [iso-8859-1] Sun Sep 18 12:33:38 2011 @@ -161,6 +161,12 @@ HWND *List = IntWinListChildren(parent); ASSERT_REFS_CO(parent); + + /* Check if we found any children */ + if(List == NULL) + { + return 0; + } IntGetClientRect( parent, &rectParent ); x = rectParent.left; @@ -693,15 +699,14 @@ */ static HWND FASTCALL -WinPosDoOwnedPopups(HWND hWnd, HWND hWndInsertAfter) +WinPosDoOwnedPopups(PWND Window, HWND hWndInsertAfter) { HWND *List = NULL; HWND Owner; LONG Style; - PWND Window ,DesktopWindow, ChildObject; + PWND DesktopWindow, ChildObject; int i; - Window = UserGetWindowObject(hWnd); Owner = Window->spwndOwner ? Window->spwndOwner->head.h : NULL; Style = Window->style; @@ -732,7 +737,7 @@ } } } - if (List[i] != hWnd) + if (List[i] != Window->head.h) hWndLocalPrev = List[i]; if (hWndLocalPrev == hWndInsertAfter) break; @@ -757,7 +762,7 @@ { PWND Wnd; - if (List[i] == hWnd) + if (List[i] == Window->head.h) break; if (!(Wnd = UserGetWindowObject(List[i]))) @@ -896,11 +901,15 @@ && HWND_NOTOPMOST != WinPos->hwndInsertAfter && HWND_BOTTOM != WinPos->hwndInsertAfter) { - PWND InsAfterWnd, Parent = Wnd->spwndParent; + PWND InsAfterWnd; InsAfterWnd = UserGetWindowObject(WinPos->hwndInsertAfter); - - if (InsAfterWnd && UserGetAncestor(InsAfterWnd, GA_PARENT) != Parent) + if(!InsAfterWnd) + { + return TRUE; + } + + if (InsAfterWnd->spwndParent != Wnd->spwndParent) { return FALSE; } @@ -995,7 +1004,7 @@ SWP_NOZORDER && Ancestor && Ancestor->head.h == IntGetDesktopWindow() ) { - WinPos.hwndInsertAfter = WinPosDoOwnedPopups(WinPos.hwnd, WinPos.hwndInsertAfter); + WinPos.hwndInsertAfter = WinPosDoOwnedPopups(Window, WinPos.hwndInsertAfter); } if (!(WinPos.flags & SWP_NOREDRAW)) @@ -1604,9 +1613,8 @@ return pwndChild; } } + ExFreePool(List); } - - ExFreePool(List); } *HitTest = co_IntSendMessage(ScopeWin->head.h, WM_NCHITTEST, 0, @@ -1756,17 +1764,28 @@ for (i = 0, winpos = pDWP->acvr; res && i < pDWP->ccvr; i++, winpos++) { + PWND pwnd; + USER_REFERENCE_ENTRY Ref; + TRACE("hwnd %p, after %p, %d,%d (%dx%d), flags %08x\n", winpos->pos.hwnd, winpos->pos.hwndInsertAfter, winpos->pos.x, winpos->pos.y, winpos->pos.cx, winpos->pos.cy, winpos->pos.flags); - - res = co_WinPosSetWindowPos( UserGetWindowObject(winpos->pos.hwnd), + + pwnd = UserGetWindowObject(winpos->pos.hwnd); + if(!pwnd) + continue; + + UserRefObjectCo(pwnd, &Ref); + + res = co_WinPosSetWindowPos( pwnd, winpos->pos.hwndInsertAfter, winpos->pos.x, winpos->pos.y, winpos->pos.cx, winpos->pos.cy, winpos->pos.flags); + + UserDerefObjectCo(pwnd); } ExFreePoolWithTag(pDWP->acvr, USERTAG_SWP); UserDereferenceObject(pDWP);