MENUITEMINFO size check

[Aric Stewart]

Check to make sure MENUITEMINFO is a valid structure, or at least has a 
valid structure size, before using it.
-------------- next part --------------
Index: dlls/user/menu.c
===================================================================
RCS file: /home/wine/wine/dlls/user/menu.c,v
retrieving revision 1.40
diff -u -r1.40 menu.c
--- dlls/user/menu.c	26 Sep 2005 09:57:38 -0000	1.40
+++ dlls/user/menu.c	6 Oct 2005 18:31:44 -0000
@@ -4083,6 +4083,22 @@
 }
 
 /**********************************************************************
+ *		check_MENUITEMINFO_size
+ */
+static BOOL check_MENUITEMINFO_size(LPMENUITEMINFOW lpmii)
+{
+    if (lpmii->cbSize == sizeof(MENUITEMINFOW))
+        return TRUE;
+    /* 
+     * an old version of MENUITEMINFO lacked the hbmpItem field.
+     */
+    if (lpmii->cbSize == (sizeof(MENUITEMINFOW) - sizeof(HBITMAP)))
+        return TRUE;
+               
+    return FALSE;
+}
+
+/**********************************************************************
  *		GetMenuItemInfo_common
  */
 
@@ -4096,6 +4112,14 @@
     if (!menu)
 	return FALSE;
 
+    /* check for a valid structure */
+    if (!check_MENUITEMINFO_size(lpmii))
+    {
+        ERR("Invalid structure size: %i\n", lpmii->cbSize);
+        SetLastError(ERROR_BAD_ARGUMENTS);
+        return FALSE;
+    }
+    
     if (lpmii->fMask & MIIM_TYPE) {
 	lpmii->fType = menu->fType;
 	switch (MENU_ITEM_TYPE(menu->fType)) {