Commit e7a608a4 authored by Nikolay Sivov's avatar Nikolay Sivov Committed by Alexandre Julliard

rpcrt4: Handle memory allocation error when creating OLE stream instance.

parent 3e676b20
...@@ -95,14 +95,15 @@ static HRESULT WINAPI RpcStream_QueryInterface(LPSTREAM iface, ...@@ -95,14 +95,15 @@ static HRESULT WINAPI RpcStream_QueryInterface(LPSTREAM iface,
REFIID riid, REFIID riid,
LPVOID *obj) LPVOID *obj)
{ {
RpcStreamImpl *This = impl_from_IStream(iface);
if (IsEqualGUID(&IID_IUnknown, riid) || if (IsEqualGUID(&IID_IUnknown, riid) ||
IsEqualGUID(&IID_ISequentialStream, riid) || IsEqualGUID(&IID_ISequentialStream, riid) ||
IsEqualGUID(&IID_IStream, riid)) { IsEqualGUID(&IID_IStream, riid)) {
*obj = This; *obj = iface;
InterlockedIncrement( &This->RefCount ); IStream_AddRef(iface);
return S_OK; return S_OK;
} }
*obj = NULL;
return E_NOINTERFACE; return E_NOINTERFACE;
} }
...@@ -120,7 +121,6 @@ static ULONG WINAPI RpcStream_Release(LPSTREAM iface) ...@@ -120,7 +121,6 @@ static ULONG WINAPI RpcStream_Release(LPSTREAM iface)
TRACE("size=%d\n", *This->size); TRACE("size=%d\n", *This->size);
This->pMsg->Buffer = This->data + *This->size; This->pMsg->Buffer = This->data + *This->size;
HeapFree(GetProcessHeap(),0,This); HeapFree(GetProcessHeap(),0,This);
return 0;
} }
return ref; return ref;
} }
...@@ -212,11 +212,13 @@ static const IStreamVtbl RpcStream_Vtbl = ...@@ -212,11 +212,13 @@ static const IStreamVtbl RpcStream_Vtbl =
NULL /* Clone */ NULL /* Clone */
}; };
static LPSTREAM RpcStream_Create(PMIDL_STUB_MESSAGE pStubMsg, BOOL init) static HRESULT RpcStream_Create(PMIDL_STUB_MESSAGE pStubMsg, BOOL init, IStream **stream)
{ {
RpcStreamImpl *This; RpcStreamImpl *This;
*stream = NULL;
This = HeapAlloc(GetProcessHeap(),HEAP_ZERO_MEMORY,sizeof(RpcStreamImpl)); This = HeapAlloc(GetProcessHeap(),HEAP_ZERO_MEMORY,sizeof(RpcStreamImpl));
if (!This) return NULL; if (!This) return E_OUTOFMEMORY;
This->IStream_iface.lpVtbl = &RpcStream_Vtbl; This->IStream_iface.lpVtbl = &RpcStream_Vtbl;
This->RefCount = 1; This->RefCount = 1;
This->pMsg = pStubMsg; This->pMsg = pStubMsg;
...@@ -225,7 +227,8 @@ static LPSTREAM RpcStream_Create(PMIDL_STUB_MESSAGE pStubMsg, BOOL init) ...@@ -225,7 +227,8 @@ static LPSTREAM RpcStream_Create(PMIDL_STUB_MESSAGE pStubMsg, BOOL init)
This->pos = 0; This->pos = 0;
if (init) *This->size = 0; if (init) *This->size = 0;
TRACE("init size=%d\n", *This->size); TRACE("init size=%d\n", *This->size);
return (LPSTREAM)This; *stream = &This->IStream_iface;
return S_OK;
} }
static const IID* get_ip_iid(PMIDL_STUB_MESSAGE pStubMsg, unsigned char *pMemory, PFORMAT_STRING pFormat) static const IID* get_ip_iid(PMIDL_STUB_MESSAGE pStubMsg, unsigned char *pMemory, PFORMAT_STRING pFormat)
...@@ -260,19 +263,17 @@ unsigned char * WINAPI NdrInterfacePointerMarshall(PMIDL_STUB_MESSAGE pStubMsg, ...@@ -260,19 +263,17 @@ unsigned char * WINAPI NdrInterfacePointerMarshall(PMIDL_STUB_MESSAGE pStubMsg,
pStubMsg->MaxCount = 0; pStubMsg->MaxCount = 0;
if (!LoadCOM()) return NULL; if (!LoadCOM()) return NULL;
if (pStubMsg->Buffer + sizeof(DWORD) <= (unsigned char *)pStubMsg->RpcMsg->Buffer + pStubMsg->BufferLength) { if (pStubMsg->Buffer + sizeof(DWORD) <= (unsigned char *)pStubMsg->RpcMsg->Buffer + pStubMsg->BufferLength) {
stream = RpcStream_Create(pStubMsg, TRUE); hr = RpcStream_Create(pStubMsg, TRUE, &stream);
if (stream) { if (hr == S_OK) {
if (pMemory) if (pMemory)
hr = COM_MarshalInterface(stream, riid, (LPUNKNOWN)pMemory, hr = COM_MarshalInterface(stream, riid, (LPUNKNOWN)pMemory,
pStubMsg->dwDestContext, pStubMsg->pvDestContext, pStubMsg->dwDestContext, pStubMsg->pvDestContext,
MSHLFLAGS_NORMAL); MSHLFLAGS_NORMAL);
else
hr = S_OK;
IStream_Release(stream); IStream_Release(stream);
if (FAILED(hr))
RpcRaiseException(hr);
} }
if (FAILED(hr))
RpcRaiseException(hr);
} }
return NULL; return NULL;
} }
...@@ -292,13 +293,14 @@ unsigned char * WINAPI NdrInterfacePointerUnmarshall(PMIDL_STUB_MESSAGE pStubMsg ...@@ -292,13 +293,14 @@ unsigned char * WINAPI NdrInterfacePointerUnmarshall(PMIDL_STUB_MESSAGE pStubMsg
if (!LoadCOM()) return NULL; if (!LoadCOM()) return NULL;
*(LPVOID*)ppMemory = NULL; *(LPVOID*)ppMemory = NULL;
if (pStubMsg->Buffer + sizeof(DWORD) < (unsigned char *)pStubMsg->RpcMsg->Buffer + pStubMsg->BufferLength) { if (pStubMsg->Buffer + sizeof(DWORD) < (unsigned char *)pStubMsg->RpcMsg->Buffer + pStubMsg->BufferLength) {
stream = RpcStream_Create(pStubMsg, FALSE); hr = RpcStream_Create(pStubMsg, FALSE, &stream);
if (!stream) RpcRaiseException(E_OUTOFMEMORY); if (hr == S_OK) {
if (*((RpcStreamImpl *)stream)->size != 0) if (*((RpcStreamImpl *)stream)->size != 0)
hr = COM_UnmarshalInterface(stream, &IID_NULL, (LPVOID*)ppMemory); hr = COM_UnmarshalInterface(stream, &IID_NULL, (LPVOID*)ppMemory);
else
hr = S_OK; IStream_Release(stream);
IStream_Release(stream); }
if (FAILED(hr)) if (FAILED(hr))
RpcRaiseException(hr); RpcRaiseException(hr);
} }
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment