Commit 4c47385e authored by Huw Davies's avatar Huw Davies Committed by Alexandre Julliard

comdlg32: Add structure size checks.

parent 9db8e593
...@@ -4024,6 +4024,12 @@ static void MemFree(void *mem) ...@@ -4024,6 +4024,12 @@ static void MemFree(void *mem)
HeapFree(GetProcessHeap(),0,mem); HeapFree(GetProcessHeap(),0,mem);
} }
static inline BOOL valid_struct_size( DWORD size )
{
return (size == OPENFILENAME_SIZE_VERSION_400W) ||
(size == sizeof( OPENFILENAMEW ));
}
static inline BOOL is_win16_looks(DWORD flags) static inline BOOL is_win16_looks(DWORD flags)
{ {
return (flags & (OFN_ALLOWMULTISELECT|OFN_ENABLEHOOK|OFN_ENABLETEMPLATE) && return (flags & (OFN_ALLOWMULTISELECT|OFN_ENABLEHOOK|OFN_ENABLETEMPLATE) &&
...@@ -4047,6 +4053,12 @@ BOOL WINAPI GetOpenFileNameA( ...@@ -4047,6 +4053,12 @@ BOOL WINAPI GetOpenFileNameA(
{ {
TRACE("flags %08x\n", ofn->Flags); TRACE("flags %08x\n", ofn->Flags);
if (!valid_struct_size( ofn->lStructSize ))
{
COMDLG32_SetCommDlgExtendedError( CDERR_STRUCTSIZE );
return FALSE;
}
/* OFN_FILEMUSTEXIST implies OFN_PATHMUSTEXIST */ /* OFN_FILEMUSTEXIST implies OFN_PATHMUSTEXIST */
if (ofn->Flags & OFN_FILEMUSTEXIST) if (ofn->Flags & OFN_FILEMUSTEXIST)
ofn->Flags |= OFN_PATHMUSTEXIST; ofn->Flags |= OFN_PATHMUSTEXIST;
...@@ -4072,6 +4084,12 @@ BOOL WINAPI GetOpenFileNameW( ...@@ -4072,6 +4084,12 @@ BOOL WINAPI GetOpenFileNameW(
{ {
TRACE("flags %08x\n", ofn->Flags); TRACE("flags %08x\n", ofn->Flags);
if (!valid_struct_size( ofn->lStructSize ))
{
COMDLG32_SetCommDlgExtendedError( CDERR_STRUCTSIZE );
return FALSE;
}
/* OFN_FILEMUSTEXIST implies OFN_PATHMUSTEXIST */ /* OFN_FILEMUSTEXIST implies OFN_PATHMUSTEXIST */
if (ofn->Flags & OFN_FILEMUSTEXIST) if (ofn->Flags & OFN_FILEMUSTEXIST)
ofn->Flags |= OFN_PATHMUSTEXIST; ofn->Flags |= OFN_PATHMUSTEXIST;
...@@ -4096,6 +4114,12 @@ BOOL WINAPI GetOpenFileNameW( ...@@ -4096,6 +4114,12 @@ BOOL WINAPI GetOpenFileNameW(
BOOL WINAPI GetSaveFileNameA( BOOL WINAPI GetSaveFileNameA(
LPOPENFILENAMEA ofn) /* [in/out] address of init structure */ LPOPENFILENAMEA ofn) /* [in/out] address of init structure */
{ {
if (!valid_struct_size( ofn->lStructSize ))
{
COMDLG32_SetCommDlgExtendedError( CDERR_STRUCTSIZE );
return FALSE;
}
if (is_win16_looks(ofn->Flags)) if (is_win16_looks(ofn->Flags))
return GetFileName31A(ofn, SAVE_DIALOG); return GetFileName31A(ofn, SAVE_DIALOG);
else else
...@@ -4115,6 +4139,12 @@ BOOL WINAPI GetSaveFileNameA( ...@@ -4115,6 +4139,12 @@ BOOL WINAPI GetSaveFileNameA(
BOOL WINAPI GetSaveFileNameW( BOOL WINAPI GetSaveFileNameW(
LPOPENFILENAMEW ofn) /* [in/out] address of init structure */ LPOPENFILENAMEW ofn) /* [in/out] address of init structure */
{ {
if (!valid_struct_size( ofn->lStructSize ))
{
COMDLG32_SetCommDlgExtendedError( CDERR_STRUCTSIZE );
return FALSE;
}
if (is_win16_looks(ofn->Flags)) if (is_win16_looks(ofn->Flags))
return GetFileName31W(ofn, SAVE_DIALOG); return GetFileName31W(ofn, SAVE_DIALOG);
else else
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment