[ros-diffs] [tkreuzer] 49309: [WIN32K] Fix possible NULL pointer dereferences. Spotted by Amine Khaldi.
tkreuzer at svn.reactos.org
tkreuzer at svn.reactos.org
Wed Oct 27 17:08:41 UTC 2010
Author: tkreuzer
Date: Wed Oct 27 17:08:40 2010
New Revision: 49309
URL: http://svn.reactos.org/svn/reactos?rev=49309&view=rev
Log:
[WIN32K]
Fix possible NULL pointer dereferences. Spotted by Amine Khaldi.
Modified:
trunk/reactos/subsystems/win32/win32k/ntuser/keyboard.c
trunk/reactos/subsystems/win32/win32k/ntuser/message.c
Modified: trunk/reactos/subsystems/win32/win32k/ntuser/keyboard.c
URL: http://svn.reactos.org/svn/reactos/trunk/reactos/subsystems/win32/win32k/ntuser/keyboard.c?rev=49309&r1=49308&r2=49309&view=diff
==============================================================================
--- trunk/reactos/subsystems/win32/win32k/ntuser/keyboard.c [iso-8859-1] (original)
+++ trunk/reactos/subsystems/win32/win32k/ntuser/keyboard.c [iso-8859-1] Wed Oct 27 17:08:40 2010
@@ -941,6 +941,12 @@
VscVkTable = KeyboardLayout->pVSCtoVK_E1;
}
+ if (!VscVkTable)
+ {
+ DPRINT1("somethings wrong, Prefix=0x%x", Prefix);
+ return;
+ }
+
RawVk = 0xff;
while (VscVkTable->Vsc)
{
Modified: trunk/reactos/subsystems/win32/win32k/ntuser/message.c
URL: http://svn.reactos.org/svn/reactos/trunk/reactos/subsystems/win32/win32k/ntuser/message.c?rev=49309&r1=49308&r2=49309&view=diff
==============================================================================
--- trunk/reactos/subsystems/win32/win32k/ntuser/message.c [iso-8859-1] (original)
+++ trunk/reactos/subsystems/win32/win32k/ntuser/message.c [iso-8859-1] Wed Oct 27 17:08:40 2010
@@ -2492,18 +2492,23 @@
UserEnterExclusive();
/* Validate input */
- if (hWnd && (hWnd != INVALID_HANDLE_VALUE) && !(Window = UserGetWindowObject(hWnd)))
- {
- UserLeave();
- return FALSE;
- }
+ if (hWnd && (hWnd != INVALID_HANDLE_VALUE))
+ {
+ Window = UserGetWindowObject(hWnd);
+ if (!Window)
+ {
+ UserLeave();
+ return FALSE;
+ }
+ }
+
switch(dwType)
{
case FNID_DEFWINDOWPROC:
- UserRefObjectCo(Window, &Ref);
+ if (Window) UserRefObjectCo(Window, &Ref);
lResult = IntDefWindowProc(Window, Msg, wParam, lParam, Ansi);
Ret = TRUE;
- UserDerefObjectCo(Window);
+ if (Window) UserDerefObjectCo(Window);
break;
case FNID_SENDNOTIFYMESSAGE:
Ret = UserSendNotifyMessage(hWnd, Msg, wParam, lParam);
More information about the Ros-diffs
mailing list