[ros-diffs] [tkreuzer] 26565: BRUSH_GetObject: - return sizeof(LOBRUSH) not BRUSHOBJ - don't return 0 on too small usermode buffer NtGdiExtGetObjectW: - remove unnecessary hacks - no need to align usermode buffer to words - add ENUMLOGFONTEXDVW, wich should be the biggest structure needed more fixes for fonts and extpens needed in the corresponding subfunctions, but all of my other tests pass now.

Sat Apr 28 23:53:06 CEST 2007

Author: tkreuzer
Date: Sun Apr 29 01:53:06 2007
New Revision: 26565

URL: http://svn.reactos.org/svn/reactos?rev=26565&view=rev
Log:
BRUSH_GetObject:
- return sizeof(LOBRUSH) not BRUSHOBJ
- don't return 0 on too small usermode buffer
NtGdiExtGetObjectW:
- remove unnecessary hacks
- no need to align usermode buffer to words
- add ENUMLOGFONTEXDVW, wich should be the biggest structure needed
more fixes for fonts and extpens needed in the corresponding subfunctions, but all of my other tests pass now.

Modified:
    trunk/reactos/subsystems/win32/win32k/objects/brush.c
    trunk/reactos/subsystems/win32/win32k/objects/dc.c

Modified: trunk/reactos/subsystems/win32/win32k/objects/brush.c
URL: http://svn.reactos.org/svn/reactos/trunk/reactos/subsystems/win32/win32k/objects/brush.c?rev=26565&r1=26564&r2=26565&view=diff
==============================================================================

--- trunk/reactos/subsystems/win32/win32k/objects/brush.c (original)
+++ trunk/reactos/subsystems/win32/win32k/objects/brush.c Sun Apr 29 01:53:06 2007
@@ -52,9 +52,8 @@
 INT FASTCALL
 BRUSH_GetObject (PGDIBRUSHOBJ BrushObject, INT Count, LPLOGBRUSH Buffer)
 {
-   if( Buffer == NULL ) return sizeof(BRUSHOBJ);
+   if( Buffer == NULL ) return sizeof(LOGBRUSH);
    if (Count == 0) return 0;
-   if ((UINT)Count < sizeof(BRUSHOBJ)) return 0;
 
    /* Set colour */
     Buffer->lbColor =  BrushObject->BrushAttr.lbColor;
@@ -106,7 +105,7 @@
     */
 
     /* FIXME */
-    return sizeof(BRUSHOBJ);
+    return sizeof(LOGBRUSH);
 }
 
 

Modified: trunk/reactos/subsystems/win32/win32k/objects/dc.c
URL: http://svn.reactos.org/svn/reactos/trunk/reactos/subsystems/win32/win32k/objects/dc.c?rev=26565&r1=26564&r2=26565&view=diff
==============================================================================
--- trunk/reactos/subsystems/win32/win32k/objects/dc.c (original)
+++ trunk/reactos/subsystems/win32/win32k/objects/dc.c Sun Apr 29 01:53:06 2007
@@ -1817,92 +1817,44 @@
                    OUT LPVOID lpBuffer)
 {
     INT iRetCount = 0;
-    INT iObjectType;
-    INT cbRealCount = cbCount;
+    INT cbCopyCount;
     union
     {
-        BITMAP bmpObject;
-        DIBSECTION disObject;
-        LOGPEN lgpObject;
-        LOGBRUSH lgbObject;
-        LOGFONTW lgfObject;
-        EXTLOGFONTW elgfObject;
+        BITMAP bitmap;
+        DIBSECTION dibsection;
+        LOGPEN logpen;
+        LOGBRUSH logbrush;
+        LOGFONTW logfontw;
+        EXTLOGFONTW extlogfontw;
+        ENUMLOGFONTEXDVW enumlogfontexdvw;
     } Object;
 
-    //
-    // Get the object type
-    //
-    iObjectType = GDIOBJ_GetObjectType(hGdiObj);
-
-    //
-    // Check if the given size is too large
-    //
-    if (cbCount > sizeof(Object))
-    {
-        //
-        // Normalize to the largest supported object size
-        //
-        DPRINT1("cbCount too big!\n");
-        cbCount = sizeof(Object);
-    }
-
-    //
-    // Check if this is a brush
-    //
-    if (iObjectType == GDI_OBJECT_TYPE_BRUSH)
-    {
-        //
-        // Windows GDI Hack: Manually correct the size
-        //
-        cbCount = sizeof(LOGBRUSH);
-    }
-
-    //
+    // Normalize to the largest supported object size
+    cbCount = min((UINT)cbCount, sizeof(Object));
+
     // Now do the actual call
-    //
     iRetCount = IntGdiGetObject(hGdiObj, cbCount, lpBuffer ? &Object : NULL);
-
-    //
-    // Check if this is a brush
-    //
-    if (iObjectType == GDI_OBJECT_TYPE_BRUSH)
-    {
-        //
-        // Fixup the size to account for our previous fixup
-        //
-        cbCount = min(cbCount, cbRealCount);
-    }
-
-    //
-    // Make sure we have a buffer and a return size
-    //
-    if ((iRetCount) && (lpBuffer))
-    {
-        //
+    cbCopyCount = min((UINT)cbCount, (UINT)iRetCount);
+
+    // Make sure we have a buffer and a copy size
+    if ((cbCopyCount) && (lpBuffer))
+    {
         // Enter SEH for buffer transfer
-        //
         _SEH_TRY
         {
-            //
             // Probe the buffer and copy it
-            //
-            ProbeForWrite(lpBuffer, min(cbCount, cbRealCount), sizeof(WORD));
-            RtlCopyMemory(lpBuffer, &Object, min(cbCount, cbRealCount));
+            ProbeForWrite(lpBuffer, cbCopyCount, 1);
+            RtlCopyMemory(lpBuffer, &Object, cbCopyCount);
         }
         _SEH_HANDLE
         {
-            //
             // Clear the return value.
             // Do *NOT* set last error here!
-            //
             iRetCount = 0;
         }
         _SEH_END;
     }
-
-    //
     // Return the count
-    //
     return iRetCount;
 }
 


