[PATCH 2/3 (v2)] user32: make DIB_GetBitmapInfo checks stricter

Wolfram Sang wolfram at the-dreams.de
Thu Feb 24 15:12:08 CST 2011 

Commit 3a263a871c3fadfdcbf5ec113e31033a1f12fe54 (user32: Fix handling of bitmap
header size for V4/V5 bitmaps) weakened the check for a valid bitmap header too
much. Reapply the sanity checks.

Also, turn the error (which it is not) into a warning, correct the type and
print the size at a more meaningful location.

Signed-off-by: Wolfram Sang <wolfram at the-dreams.de>
---
 dlls/user32/cursoricon.c       |    6 ++++--
 dlls/user32/tests/cursoricon.c |   27 +++++++++++++++++++++++++++
 2 files changed, 31 insertions(+), 2 deletions(-)

diff --git a/dlls/user32/cursoricon.c b/dlls/user32/cursoricon.c
index d014711..715e12b 100644
--- a/dlls/user32/cursoricon.c
+++ b/dlls/user32/cursoricon.c
@@ -374,7 +374,9 @@ static int DIB_GetBitmapInfo( const BITMAPINFOHEADER *header, LONG *width,
         *compr  = 0;
         return 0;
     }
-    else if (header->biSize >= sizeof(BITMAPINFOHEADER))
+    else if (header->biSize == sizeof(BITMAPINFOHEADER) ||
+             header->biSize == sizeof(BITMAPV4HEADER) ||
+             header->biSize == sizeof(BITMAPV5HEADER))
     {
         *width  = header->biWidth;
         *height = header->biHeight;
@@ -382,7 +384,7 @@ static int DIB_GetBitmapInfo( const BITMAPINFOHEADER *header, LONG *width,
         *compr  = header->biCompression;
         return 1;
     }
-    ERR("(%d): unknown/wrong size for header\n", header->biSize );
+    WARN("unknown/wrong size (%u) for header\n", header->biSize);
     return -1;
 }
 
diff --git a/dlls/user32/tests/cursoricon.c b/dlls/user32/tests/cursoricon.c
index 454606a..da748b6 100644
--- a/dlls/user32/tests/cursoricon.c
+++ b/dlls/user32/tests/cursoricon.c
@@ -765,6 +765,24 @@ static unsigned char gif4pixel[42] = {
 0x02,0x00,0x00,0x02,0x03,0x14,0x16,0x05,0x00,0x3b
 };
 
+static const DWORD biSize_tests[] = {
+    0,
+    sizeof(BITMAPCOREHEADER) - 1,
+    sizeof(BITMAPCOREHEADER) + 1,
+    sizeof(BITMAPINFOHEADER) - 1,
+    sizeof(BITMAPINFOHEADER) + 1,
+    sizeof(BITMAPV4HEADER) - 1,
+    sizeof(BITMAPV4HEADER) + 1,
+    sizeof(BITMAPV5HEADER) - 1,
+    sizeof(BITMAPV5HEADER) + 1,
+    (sizeof(BITMAPCOREHEADER) + sizeof(BITMAPINFOHEADER)) / 2,
+    (sizeof(BITMAPV4HEADER) + sizeof(BITMAPV5HEADER)) / 2,
+    0xdeadbeef,
+    0xffffffff
+};
+
+#define ARRAY_SIZE(a) (sizeof(a)/sizeof((a)[0]))
+
 static void test_LoadImageBitmap(const char * test_desc, HBITMAP hbm)
 {
     BITMAP bm;
@@ -856,6 +874,7 @@ static void test_LoadImage(void)
     CURSORICONFILEDIRENTRY *icon_entry;
     BITMAPINFOHEADER *icon_header, *bitmap_header;
     ICONINFO icon_info;
+    int i;
 
 #define ICON_WIDTH 32
 #define ICON_HEIGHT 32
@@ -992,8 +1011,16 @@ static void test_LoadImage(void)
     bitmap_header->biWidth = 65536;
     test_LoadImageFile("BMP (too wide)", bmpimage, sizeof(bmpimage), "bmp", 0);
     bitmap_header->biWidth = 1;
+
+    for (i = 0; i < ARRAY_SIZE(biSize_tests); i++) {
+        bitmap_header->biSize = biSize_tests[i];
+        test_LoadImageFile("BMP (broken biSize)", bmpimage, sizeof(bmpimage), "bmp", 0);
+    }
+    bitmap_header->biSize = sizeof(BITMAPINFOHEADER);
 }
 
+#undef ARRAY_SIZE
+
 static void test_CreateIconFromResource(void)
 {
     HANDLE handle;
-- 
1.7.2.3

More information about the wine-patches mailing list