Commit 8aecfff8 authored by Robert Shearman's avatar Robert Shearman Committed by Alexandre Julliard

Make NdrInterfacePointer* more reliable.

parent d50ae025
...@@ -126,13 +126,18 @@ static HRESULT WINAPI RpcStream_Read(LPSTREAM iface, ...@@ -126,13 +126,18 @@ static HRESULT WINAPI RpcStream_Read(LPSTREAM iface,
ULONG *pcbRead) ULONG *pcbRead)
{ {
RpcStreamImpl *This = (RpcStreamImpl *)iface; RpcStreamImpl *This = (RpcStreamImpl *)iface;
if (This->pos + cb > *This->size) cb = *This->size - This->pos; HRESULT hr = S_OK;
if (This->pos + cb > *This->size)
{
cb = *This->size - This->pos;
hr = S_FALSE;
}
if (cb) { if (cb) {
memcpy(pv, This->data + This->pos, cb); memcpy(pv, This->data + This->pos, cb);
This->pos += cb; This->pos += cb;
} }
if (pcbRead) *pcbRead = cb; if (pcbRead) *pcbRead = cb;
return S_OK; return hr;
} }
static HRESULT WINAPI RpcStream_Write(LPSTREAM iface, static HRESULT WINAPI RpcStream_Write(LPSTREAM iface,
...@@ -141,6 +146,8 @@ static HRESULT WINAPI RpcStream_Write(LPSTREAM iface, ...@@ -141,6 +146,8 @@ static HRESULT WINAPI RpcStream_Write(LPSTREAM iface,
ULONG *pcbWritten) ULONG *pcbWritten)
{ {
RpcStreamImpl *This = (RpcStreamImpl *)iface; RpcStreamImpl *This = (RpcStreamImpl *)iface;
if (This->data + cb > (char *)This->pMsg->BufferEnd)
return STG_E_MEDIUMFULL;
memcpy(This->data + This->pos, pv, cb); memcpy(This->data + This->pos, pv, cb);
This->pos += cb; This->pos += cb;
if (This->pos > *This->size) *This->size = This->pos; if (This->pos > *This->size) *This->size = This->pos;
...@@ -247,11 +254,15 @@ unsigned char * WINAPI NdrInterfacePointerMarshall(PMIDL_STUB_MESSAGE pStubMsg, ...@@ -247,11 +254,15 @@ unsigned char * WINAPI NdrInterfacePointerMarshall(PMIDL_STUB_MESSAGE pStubMsg,
TRACE("(%p,%p,%p)\n", pStubMsg, pMemory, pFormat); TRACE("(%p,%p,%p)\n", pStubMsg, pMemory, pFormat);
pStubMsg->MaxCount = 0; pStubMsg->MaxCount = 0;
if (!LoadCOM()) return NULL; if (!LoadCOM()) return NULL;
if (pStubMsg->Buffer + sizeof(DWORD) < pStubMsg->BufferEnd) {
stream = RpcStream_Create(pStubMsg, TRUE); stream = RpcStream_Create(pStubMsg, TRUE);
if (stream) {
hr = COM_MarshalInterface(stream, riid, (LPUNKNOWN)pMemory, hr = COM_MarshalInterface(stream, riid, (LPUNKNOWN)pMemory,
pStubMsg->dwDestContext, pStubMsg->pvDestContext, pStubMsg->dwDestContext, pStubMsg->pvDestContext,
MSHLFLAGS_NORMAL); MSHLFLAGS_NORMAL);
IStream_Release(stream); IStream_Release(stream);
}
}
return NULL; return NULL;
} }
...@@ -269,9 +280,13 @@ unsigned char * WINAPI NdrInterfacePointerUnmarshall(PMIDL_STUB_MESSAGE pStubMsg ...@@ -269,9 +280,13 @@ unsigned char * WINAPI NdrInterfacePointerUnmarshall(PMIDL_STUB_MESSAGE pStubMsg
TRACE("(%p,%p,%p,%d)\n", pStubMsg, ppMemory, pFormat, fMustAlloc); TRACE("(%p,%p,%p,%d)\n", pStubMsg, ppMemory, pFormat, fMustAlloc);
if (!LoadCOM()) return NULL; if (!LoadCOM()) return NULL;
*(LPVOID*)ppMemory = NULL; *(LPVOID*)ppMemory = NULL;
if (pStubMsg->Buffer + sizeof(DWORD) < pStubMsg->BufferEnd) {
stream = RpcStream_Create(pStubMsg, FALSE); stream = RpcStream_Create(pStubMsg, FALSE);
if (stream) {
hr = COM_UnmarshalInterface(stream, &IID_NULL, (LPVOID*)ppMemory); hr = COM_UnmarshalInterface(stream, &IID_NULL, (LPVOID*)ppMemory);
IStream_Release(stream); IStream_Release(stream);
}
}
return NULL; return NULL;
} }
...@@ -292,7 +307,7 @@ void WINAPI NdrInterfacePointerBufferSize(PMIDL_STUB_MESSAGE pStubMsg, ...@@ -292,7 +307,7 @@ void WINAPI NdrInterfacePointerBufferSize(PMIDL_STUB_MESSAGE pStubMsg,
pStubMsg->dwDestContext, pStubMsg->pvDestContext, pStubMsg->dwDestContext, pStubMsg->pvDestContext,
MSHLFLAGS_NORMAL); MSHLFLAGS_NORMAL);
TRACE("size=%ld\n", size); TRACE("size=%ld\n", size);
pStubMsg->BufferLength += sizeof(DWORD) + size; if (size) pStubMsg->BufferLength += sizeof(DWORD) + size;
} }
/*********************************************************************** /***********************************************************************
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment