Nikolay Sivov : comctl32/monthcal: Add parameter validation to MCM_HITTEST handler.
Alexandre Julliard
julliard at winehq.org
Mon Sep 28 11:54:39 CDT 2009
Module: wine
Branch: master
Commit: 69080d6d29a6b14bad3ea3be7e12226e43f7cf5d
URL: http://source.winehq.org/git/wine.git/?a=commit;h=69080d6d29a6b14bad3ea3be7e12226e43f7cf5d
Author: Nikolay Sivov <bunglehead at gmail.com>
Date: Sat Sep 26 23:26:53 2009 +0400
comctl32/monthcal: Add parameter validation to MCM_HITTEST handler.
---
dlls/comctl32/monthcal.c | 4 ++++
dlls/comctl32/tests/monthcal.c | 17 +++++++++++++++--
include/commctrl.h | 7 +++++++
3 files changed, 26 insertions(+), 2 deletions(-)
diff --git a/dlls/comctl32/monthcal.c b/dlls/comctl32/monthcal.c
index 1389622..603e3e8 100644
--- a/dlls/comctl32/monthcal.c
+++ b/dlls/comctl32/monthcal.c
@@ -1141,6 +1141,7 @@ MONTHCAL_HitTest(const MONTHCAL_INFO *infoPtr, MCHITTESTINFO *lpht)
DWORD retval;
int day,wday,wnum;
+ if(!lpht || lpht->cbSize < MCHITTESTINFO_V1_SIZE) return -1;
x = lpht->pt.x;
y = lpht->pt.y;
@@ -1417,6 +1418,7 @@ MONTHCAL_LButtonDown(MONTHCAL_INFO *infoPtr, LPARAM lParam)
InvalidateRect(infoPtr->hwndSelf, NULL, FALSE);
}
+ ht.cbSize = sizeof(MCHITTESTINFO);
ht.pt.x = (short)LOWORD(lParam);
ht.pt.y = (short)HIWORD(lParam);
TRACE("(%d, %d)\n", ht.pt.x, ht.pt.y);
@@ -1550,6 +1552,7 @@ MONTHCAL_LButtonUp(MONTHCAL_INFO *infoPtr, LPARAM lParam)
redraw = TRUE;
}
+ ht.cbSize = sizeof(MCHITTESTINFO);
ht.pt.x = (short)LOWORD(lParam);
ht.pt.y = (short)HIWORD(lParam);
hit = MONTHCAL_HitTest(infoPtr, &ht);
@@ -1628,6 +1631,7 @@ MONTHCAL_MouseMove(MONTHCAL_INFO *infoPtr, LPARAM lParam)
if(!(infoPtr->status & MC_SEL_LBUTDOWN)) return 0;
+ ht.cbSize = sizeof(MCHITTESTINFO);
ht.pt.x = (short)LOWORD(lParam);
ht.pt.y = (short)HIWORD(lParam);
diff --git a/dlls/comctl32/tests/monthcal.c b/dlls/comctl32/tests/monthcal.c
index 109d8a8..8561b8c 100644
--- a/dlls/comctl32/tests/monthcal.c
+++ b/dlls/comctl32/tests/monthcal.c
@@ -867,6 +867,19 @@ static void test_monthcal_hittest(void)
hwnd = create_monthcal_control(0);
+ /* test with invalid structure size */
+ mchit.cbSize = MCHITTESTINFO_V1_SIZE - 1;
+ mchit.pt.x = 0;
+ mchit.pt.y = 0;
+ res = SendMessage(hwnd, MCM_HITTEST, 0, (LPARAM)&mchit);
+ expect(0, mchit.pt.x);
+ expect(0, mchit.pt.y);
+ expect(-1, res);
+ expect(0, mchit.uHit);
+ /* test with invalid pointer */
+ res = SendMessage(hwnd, MCM_HITTEST, 0, (LPARAM)NULL);
+ expect(-1, res);
+
flush_sequences(sequences, NUM_MSG_SEQUENCES);
st.wYear = 2007;
@@ -882,7 +895,7 @@ static void test_monthcal_hittest(void)
expect(1,res);
/* (0, 0) is the top left of the control and should not be active */
- mchit.cbSize = sizeof(MCHITTESTINFO);
+ mchit.cbSize = MCHITTESTINFO_V1_SIZE;
mchit.pt.x = 0;
mchit.pt.y = 0;
res = SendMessage(hwnd, MCM_HITTEST, 0, (LPARAM) & mchit);
@@ -1051,7 +1064,7 @@ static void test_monthcal_todaylink(void)
flush_sequences(sequences, NUM_MSG_SEQUENCES);
/* (70, 370) is in active area - today link */
- mchit.cbSize = sizeof(MCHITTESTINFO);
+ mchit.cbSize = MCHITTESTINFO_V1_SIZE;
mchit.pt.x = 70;
mchit.pt.y = 370;
res = SendMessage(hwnd, MCM_HITTEST, 0, (LPARAM) & mchit);
diff --git a/include/commctrl.h b/include/commctrl.h
index ae417c0..6a42e2e 100644
--- a/include/commctrl.h
+++ b/include/commctrl.h
@@ -4702,8 +4702,15 @@ typedef struct {
POINT pt;
UINT uHit;
SYSTEMTIME st;
+ /* Vista */
+ RECT rc;
+ INT iOffset;
+ INT iRow;
+ INT iCol;
} MCHITTESTINFO, *PMCHITTESTINFO;
+#define MCHITTESTINFO_V1_SIZE CCSIZEOF_STRUCT(MCHITTESTINFO, st)
+
typedef struct tagNMSELCHANGE
{
NMHDR nmhdr;
More information about the wine-cvs
mailing list