[ros-dev] [ros-diffs] [jimtabor] 38518: - Removed SEH abuse and add notes for the hook code, in NtUserDefSetText. - Update NtUserCallHwndLock subfunctions.
Thomas Bluemel
thomas at reactsoft.com
Sat Jan 3 17:18:51 CET 2009
ProbeForReadUnicodeString should at least probe the buffers, otherwise
the function is pointless. I believe at one point it did, and it was
probably removed for some strange reason. The reason it copies the
UNICODE_STRING is so that the pointers can't be modified anymore.
Thomas
Timo Kreuzer wrote:
> SEH is still needed. SafeText doesn't really deserve its name, as it's
> only a safe copy of the UNICODE_STRING structure returned by
> ProbeForReadUnicodeString(), but with the still unsafe string buffer.
> Also the Buffer was never probed (ProbeForReadUnicodeString only checks
> the UNICODE_STRING and copies it)
>
> IMO the function is dangerous, as it implies that the Buffer was probed,
> too.
>
> Timo
>
>
> jimtabor at svn.reactos.org schrieb:
>
>> Author: jimtabor
>> Date: Fri Jan 2 22:02:54 2009
>> New Revision: 38518
>>
>> URL: http://svn.reactos.org/svn/reactos?rev=38518&view=rev
>> Log:
>> - Removed SEH abuse and add notes for the hook code, in NtUserDefSetText.
>> - Update NtUserCallHwndLock subfunctions.
>>
>> Modified:
>> trunk/reactos/subsystems/win32/win32k/ntuser/simplecall.c
>> trunk/reactos/subsystems/win32/win32k/ntuser/window.c
>>
>>
>>
> ...
>
>> Modified: trunk/reactos/subsystems/win32/win32k/ntuser/window.c
>> URL: http://svn.reactos.org/svn/reactos/trunk/reactos/subsystems/win32/win32k/ntuser/window.c?rev=38518&r1=38517&r2=38518&view=diff
>> ==============================================================================
>> --- trunk/reactos/subsystems/win32/win32k/ntuser/window.c [iso-8859-1] (original)
>> +++ trunk/reactos/subsystems/win32/win32k/ntuser/window.c [iso-8859-1] Fri Jan 2 22:02:54 2009
>> @@ -4569,57 +4569,47 @@
>> }
>> Wnd = Window->Wnd;
>>
>> - if(SafeText.Length != 0)
>> - {
>> - _SEH2_TRY
>> - {
>> - if (Wnd->WindowName.MaximumLength > 0 &&
>> - SafeText.Length <= Wnd->WindowName.MaximumLength - sizeof(UNICODE_NULL))
>> - {
>> - ASSERT(Wnd->WindowName.Buffer != NULL);
>> -
>> - Wnd->WindowName.Length = SafeText.Length;
>> - Wnd->WindowName.Buffer[SafeText.Length / sizeof(WCHAR)] = L'\0';
>> - RtlCopyMemory(Wnd->WindowName.Buffer,
>> - SafeText.Buffer,
>> - SafeText.Length);
>> - }
>> - else
>> - {
>> - PWCHAR buf;
>> - Wnd->WindowName.MaximumLength = Wnd->WindowName.Length = 0;
>> - buf = Wnd->WindowName.Buffer;
>> - Wnd->WindowName.Buffer = NULL;
>> - if (buf != NULL)
>> - {
>> - DesktopHeapFree(Wnd->pdesktop,
>> - buf);
>> - }
>> -
>> - Wnd->WindowName.Buffer = DesktopHeapAlloc(Wnd->pdesktop,
>> - SafeText.Length + sizeof(UNICODE_NULL));
>> - if (Wnd->WindowName.Buffer != NULL)
>> - {
>> - Wnd->WindowName.Buffer[SafeText.Length / sizeof(WCHAR)] = L'\0';
>> - RtlCopyMemory(Wnd->WindowName.Buffer,
>> - SafeText.Buffer,
>> - SafeText.Length);
>> - Wnd->WindowName.MaximumLength = SafeText.Length + sizeof(UNICODE_NULL);
>> - Wnd->WindowName.Length = SafeText.Length;
>> - }
>> - else
>> - {
>> - SetLastWin32Error(ERROR_NOT_ENOUGH_MEMORY);
>> - Ret = FALSE;
>> - }
>> - }
>> - }
>> - _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
>> - {
>> - SetLastNtError(_SEH2_GetExceptionCode());
>> - Ret = FALSE;
>> - }
>> - _SEH2_END;
>> + if (SafeText.Length != 0)
>> + {
>> + if (Wnd->WindowName.MaximumLength > 0 &&
>> + SafeText.Length <= Wnd->WindowName.MaximumLength - sizeof(UNICODE_NULL))
>> + {
>> + ASSERT(Wnd->WindowName.Buffer != NULL);
>> +
>> + Wnd->WindowName.Length = SafeText.Length;
>> + Wnd->WindowName.Buffer[SafeText.Length / sizeof(WCHAR)] = L'\0';
>> + RtlCopyMemory(Wnd->WindowName.Buffer,
>> + SafeText.Buffer,
>> + SafeText.Length);
>> + }
>> + else
>> + {
>> + PWCHAR buf;
>> + Wnd->WindowName.MaximumLength = Wnd->WindowName.Length = 0;
>> + buf = Wnd->WindowName.Buffer;
>> + Wnd->WindowName.Buffer = NULL;
>> + if (buf != NULL)
>> + {
>> + DesktopHeapFree(Wnd->pdesktop, buf);
>> + }
>> +
>> + Wnd->WindowName.Buffer = DesktopHeapAlloc(Wnd->pdesktop,
>> + SafeText.Length + sizeof(UNICODE_NULL));
>> + if (Wnd->WindowName.Buffer != NULL)
>> + {
>> + Wnd->WindowName.Buffer[SafeText.Length / sizeof(WCHAR)] = L'\0';
>> + RtlCopyMemory(Wnd->WindowName.Buffer,
>> + SafeText.Buffer,
>> + SafeText.Length);
>> + Wnd->WindowName.MaximumLength = SafeText.Length + sizeof(UNICODE_NULL);
>> + Wnd->WindowName.Length = SafeText.Length;
>> + }
>> + else
>> + {
>> + SetLastWin32Error(ERROR_NOT_ENOUGH_MEMORY);
>> + Ret = FALSE;
>> + }
>> + }
>> }
>> else
>> {
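Review bot: Both branches use SafeText.Length without checking that it is a multiple of sizeof(WCHAR). With an odd length, the terminator stored at `Buffer[SafeText.Length / sizeof(WCHAR)]` is partly overwritten by the RtlCopyMemory that follows, so the stored window name may not end in a full L'\0'. Unless ProbeForReadUnicodeString already enforces this (not visible here), reject such input before the branches, for example by testing `if (SafeText.Length % sizeof(WCHAR) != 0)` and failing with ERROR_INVALID_PARAMETER. Separately, if WindowName.MaximumLength is a 16-bit field as in UNICODE_STRING, `SafeText.Length + sizeof(UNICODE_NULL)` can be truncated when assigned to it, so the sum should be range-checked before the DesktopHeapAlloc call. The enclosing function starts and ends outside the hunk.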
>> @@ -4628,6 +4618,9 @@
>> Wnd->WindowName.Buffer[0] = L'\0';
>> }
>>
>> + // HAX! FIXME! Windows does not do this in here!
>> + // In User32, these are called after: NotifyWinEvent EVENT_OBJECT_NAMECHANGE than
>> + // RepaintButton, StaticRepaint, NtUserCallHwndLock HWNDLOCK_ROUTINE_REDRAWFRAMEANDHOOK, etc.
>> /* Send shell notifications */
>> if (!IntGetOwner(Window) && !IntGetParent(Window))
>> {
>>
>>
>>
>>
>
> _______________________________________________
> Ros-dev mailing list
> Ros-dev at reactos.org
> http://www.reactos.org/mailman/listinfo/ros-dev
>