[ros-dev] [ros-diffs] [jimtabor] 38518: - Removed SEH abuse and add notes for the hook code, in NtUserDefSetText. - Update NtUserCallHwndLock subfunctions.

Timo Kreuzer timo.kreuzer at web.de
Sat Jan 3 13:33:15 CET 2009


SEH is still needed. SafeText doesn't really deserve its name, as it's
only a safe copy of the UNICODE_STRING structure returned by
ProbeForReadUnicodeString(), but with the still unsafe string buffer.
Also the Buffer was never probed (ProbeForReadUnicodeString only checks
the UNICODE_STRING and copies it).

IMO the function is dangerous, as it implies that the Buffer was probed,
too.

Timo


jimtabor at svn.reactos.org schrieb:
> Author: jimtabor
> Date: Fri Jan  2 22:02:54 2009
> New Revision: 38518
>
> URL: http://svn.reactos.org/svn/reactos?rev=38518&view=rev
> Log:
> - Removed SEH abuse and add notes for the hook code, in NtUserDefSetText.
> - Update NtUserCallHwndLock subfunctions.
>
> Modified:
>     trunk/reactos/subsystems/win32/win32k/ntuser/simplecall.c
>     trunk/reactos/subsystems/win32/win32k/ntuser/window.c
>
>   
...
>
> Modified: trunk/reactos/subsystems/win32/win32k/ntuser/window.c
> URL: http://svn.reactos.org/svn/reactos/trunk/reactos/subsystems/win32/win32k/ntuser/window.c?rev=38518&r1=38517&r2=38518&view=diff
> ==============================================================================
> --- trunk/reactos/subsystems/win32/win32k/ntuser/window.c [iso-8859-1] (original)
> +++ trunk/reactos/subsystems/win32/win32k/ntuser/window.c [iso-8859-1] Fri Jan  2 22:02:54 2009
> @@ -4569,57 +4569,47 @@
>     }
>     Wnd = Window->Wnd;
>  
> -   if(SafeText.Length != 0)
> -   {
> -      _SEH2_TRY
> -      {
> -          if (Wnd->WindowName.MaximumLength > 0 &&
> -              SafeText.Length <= Wnd->WindowName.MaximumLength - sizeof(UNICODE_NULL))
> -          {
> -              ASSERT(Wnd->WindowName.Buffer != NULL);
> -
> -              Wnd->WindowName.Length = SafeText.Length;
> -              Wnd->WindowName.Buffer[SafeText.Length / sizeof(WCHAR)] = L'\0';
> -              RtlCopyMemory(Wnd->WindowName.Buffer,
> -                            SafeText.Buffer,
> -                            SafeText.Length);
> -          }
> -          else
> -          {
> -              PWCHAR buf;
> -              Wnd->WindowName.MaximumLength = Wnd->WindowName.Length = 0;
> -              buf = Wnd->WindowName.Buffer;
> -              Wnd->WindowName.Buffer = NULL;
> -              if (buf != NULL)
> -              {
> -                  DesktopHeapFree(Wnd->pdesktop,
> -                                  buf);
> -              }
> -
> -              Wnd->WindowName.Buffer = DesktopHeapAlloc(Wnd->pdesktop,
> -                                                        SafeText.Length + sizeof(UNICODE_NULL));
> -              if (Wnd->WindowName.Buffer != NULL)
> -              {
> -                  Wnd->WindowName.Buffer[SafeText.Length / sizeof(WCHAR)] = L'\0';
> -                  RtlCopyMemory(Wnd->WindowName.Buffer,
> -                                SafeText.Buffer,
> -                                SafeText.Length);
> -                  Wnd->WindowName.MaximumLength = SafeText.Length + sizeof(UNICODE_NULL);
> -                  Wnd->WindowName.Length = SafeText.Length;
> -              }
> -              else
> -              {
> -                  SetLastWin32Error(ERROR_NOT_ENOUGH_MEMORY);
> -                  Ret = FALSE;
> -              }
> -          }
> -      }
> -      _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
> -      {
> -           SetLastNtError(_SEH2_GetExceptionCode());
> -           Ret = FALSE;
> -      }
> -      _SEH2_END;
> +   if (SafeText.Length != 0)
> +   {
> +      if (Wnd->WindowName.MaximumLength > 0 &&
> +          SafeText.Length <= Wnd->WindowName.MaximumLength - sizeof(UNICODE_NULL))
> +      {
> +         ASSERT(Wnd->WindowName.Buffer != NULL);
> +
> +         Wnd->WindowName.Length = SafeText.Length;
> +         Wnd->WindowName.Buffer[SafeText.Length / sizeof(WCHAR)] = L'\0';
> +         RtlCopyMemory(Wnd->WindowName.Buffer,
> +                              SafeText.Buffer,
> +                              SafeText.Length);
> +      }
> +      else
> +      {
> +         PWCHAR buf;
> +         Wnd->WindowName.MaximumLength = Wnd->WindowName.Length = 0;
> +         buf = Wnd->WindowName.Buffer;
> +         Wnd->WindowName.Buffer = NULL;
> +         if (buf != NULL)
> +         {
> +            DesktopHeapFree(Wnd->pdesktop, buf);
> +         }
> +
> +         Wnd->WindowName.Buffer = DesktopHeapAlloc(Wnd->pdesktop,
> +                                                   SafeText.Length + sizeof(UNICODE_NULL));
> +         if (Wnd->WindowName.Buffer != NULL)
> +         {
> +            Wnd->WindowName.Buffer[SafeText.Length / sizeof(WCHAR)] = L'\0';
> +            RtlCopyMemory(Wnd->WindowName.Buffer,
> +                                 SafeText.Buffer,
> +                                 SafeText.Length);
> +            Wnd->WindowName.MaximumLength = SafeText.Length + sizeof(UNICODE_NULL);
> +            Wnd->WindowName.Length = SafeText.Length;
> +         }
> +         else
> +         {
> +            SetLastWin32Error(ERROR_NOT_ENOUGH_MEMORY);
> +            Ret = FALSE;
> +         }
> +      }
>     }
>     else
>     {
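Review bot: In both copy paths (the in-place branch and the reallocating branch) the terminator is stored at `Buffer[SafeText.Length / sizeof(WCHAR)]` before `RtlCopyMemory` copies `SafeText.Length` bytes, so with an odd Length the last copied byte lands on the low byte of that terminator and the stored name may have no NUL where Length says it ends. SafeText.Length comes from a caller-supplied UNICODE_STRING, and nothing visible in this hunk checks that it is a multiple of sizeof(WCHAR). If no earlier check exists, add a guard ahead of the copy such as `if (SafeText.Length & (sizeof(WCHAR) - 1))` that calls `SetLastWin32Error(ERROR_INVALID_PARAMETER)`, sets `Ret = FALSE` and skips both branches, or write the terminator after the copy using a rounded-down length. The enclosing function starts and ends outside the hunk, so such validation may already happen before these lines.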
> @@ -4628,6 +4618,9 @@
>            Wnd->WindowName.Buffer[0] = L'\0';
>     }
>  
> +   // HAX! FIXME! Windows does not do this in here!
> +   // In User32, these are called after: NotifyWinEvent EVENT_OBJECT_NAMECHANGE than
> +   // RepaintButton, StaticRepaint, NtUserCallHwndLock HWNDLOCK_ROUTINE_REDRAWFRAMEANDHOOK, etc.
>     /* Send shell notifications */
>     if (!IntGetOwner(Window) && !IntGetParent(Window))
>     {
>
>
>   


