From 095204a9f3bab7a85a96f002ccf5754894502659 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?R=C3=A9mi=20Bernon?=
Date: Wed, 12 Jan 2022 17:23:59 +0100
Subject: [PATCH] server: Return error when hardware message is too large.
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
So that the client allocates a larger receive buffer when needed and not trigger the assert below when setting the reply message data.
Signed-off-by: RĂ©mi Bernon
Signed-off-by: Alexandre Julliard
---
 server/queue.c | 8 ++++++++
 1 file changed, 8 insertions(+)
diff --git a/server/queue.c b/server/queue.c
index f7bc28f39e9..4f69a082b74 100644
--- a/server/queue.c
+++ b/server/queue.c
@@ -2145,6 +2145,14 @@ static int get_hardware_message( struct thread *thread, unsigned int hw_id, user
 clear_bits &= ~get_hardware_msg_bit( msg );
 continue;
 }
+ reply->total = msg->data_size;
+ if (msg->data_size > get_reply_max_size())
+ {
+ set_error( STATUS_BUFFER_OVERFLOW );
+ return 1;
+ }
+
 /* now we can return it */
 if (!msg->unique_id) msg->unique_id = get_unique_id();
 reply->type = MSG_HARDWARE;
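Review bot: The new size check carries no comment saying that `reply->total` is assigned before the error return on purpose. That ordering is what tells the client how large a buffer to retry with, so I would add `/* report the needed size before failing so the client can retry with a larger buffer */` above `reply->total = msg->data_size;`. get_hardware_message starts and ends outside this hunk, so it is not visible here whether the message stays queued for the retry, or whether `return 1` is the right value for a failure path. The check replaces a server-side assert that oversized message data could reach, so it is worth confirming that any other path copying `msg->data_size` bytes into a reply compares against `get_reply_max_size()` in the same way.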