diff --git a/dlls/midimap/midimap.c b/dlls/midimap/midimap.c index a55c722f5f4..5df8472e68a 100644 --- a/dlls/midimap/midimap.c +++ b/dlls/midimap/midimap.c @@ -425,7 +425,7 @@ static DWORD modData(MIDIMAPDATA* mom, DWORD_PTR dwParam) static DWORD modPrepare(MIDIMAPDATA* mom, LPMIDIHDR lpMidiHdr, DWORD_PTR dwSize) { if (MIDIMAP_IsBadData(mom)) return MMSYSERR_ERROR; - if (dwSize < sizeof(MIDIHDR) || lpMidiHdr == 0 || + if (dwSize < offsetof(MIDIHDR,dwOffset) || lpMidiHdr == 0 || lpMidiHdr->lpData == 0 || (lpMidiHdr->dwFlags & MHDR_INQUEUE)) return MMSYSERR_INVALPARAM; diff --git a/dlls/winealsa.drv/midi.c b/dlls/winealsa.drv/midi.c index e792c655ba2..00a54bf6bf1 100644 --- a/dlls/winealsa.drv/midi.c +++ b/dlls/winealsa.drv/midi.c @@ -567,7 +567,7 @@ static DWORD midAddBuffer(WORD wDevID, LPMIDIHDR lpMidiHdr, DWORD dwSize) if (MidiInDev[wDevID].state == -1) return MIDIERR_NODEVICE; if (lpMidiHdr == NULL) return MMSYSERR_INVALPARAM; - if (sizeof(MIDIHDR) > dwSize) return MMSYSERR_INVALPARAM; + if (dwSize < offsetof(MIDIHDR,dwOffset)) return MMSYSERR_INVALPARAM; if (lpMidiHdr->dwBufferLength == 0) return MMSYSERR_INVALPARAM; if (lpMidiHdr->dwFlags & MHDR_INQUEUE) return MIDIERR_STILLPLAYING; if (!(lpMidiHdr->dwFlags & MHDR_PREPARED)) return MIDIERR_UNPREPARED; @@ -598,7 +598,7 @@ static DWORD midPrepare(WORD wDevID, LPMIDIHDR lpMidiHdr, DWORD dwSize) { TRACE("(%04X, %p, %08X);\n", wDevID, lpMidiHdr, dwSize); - if (dwSize < sizeof(MIDIHDR) || lpMidiHdr == 0 || + if (dwSize < offsetof(MIDIHDR,dwOffset) || lpMidiHdr == 0 || lpMidiHdr->lpData == 0 || (lpMidiHdr->dwFlags & MHDR_INQUEUE) != 0) return MMSYSERR_INVALPARAM; @@ -619,7 +619,7 @@ static DWORD midUnprepare(WORD wDevID, LPMIDIHDR lpMidiHdr, DWORD dwSize) if (wDevID >= MIDM_NumDevs) return MMSYSERR_BADDEVICEID; if (MidiInDev[wDevID].state == -1) return MIDIERR_NODEVICE; - if (dwSize < sizeof(MIDIHDR) || lpMidiHdr == 0 || + if (dwSize < offsetof(MIDIHDR,dwOffset) || lpMidiHdr == 0 || lpMidiHdr->lpData == 0) return MMSYSERR_INVALPARAM; @@ -1032,7 +1032,7 @@ static DWORD modPrepare(WORD wDevID, LPMIDIHDR lpMidiHdr, DWORD dwSize) * asks to prepare MIDIHDR which dwFlags != 0. * So at least check for the inqueue flag */ - if (dwSize < sizeof(MIDIHDR) || lpMidiHdr == 0 || + if (dwSize < offsetof(MIDIHDR,dwOffset) || lpMidiHdr == 0 || lpMidiHdr->lpData == 0 || (lpMidiHdr->dwFlags & MHDR_INQUEUE) != 0) { WARN("%p %p %08x %d\n", lpMidiHdr, lpMidiHdr ? lpMidiHdr->lpData : NULL, lpMidiHdr ? lpMidiHdr->dwFlags : 0, dwSize); @@ -1057,7 +1057,7 @@ static DWORD modUnprepare(WORD wDevID, LPMIDIHDR lpMidiHdr, DWORD dwSize) return MMSYSERR_NOTENABLED; } - if (dwSize < sizeof(MIDIHDR) || lpMidiHdr == 0) + if (dwSize < offsetof(MIDIHDR,dwOffset) || lpMidiHdr == 0) return MMSYSERR_INVALPARAM; if (lpMidiHdr->dwFlags & MHDR_INQUEUE) return MIDIERR_STILLPLAYING; diff --git a/dlls/winecoreaudio.drv/midi.c b/dlls/winecoreaudio.drv/midi.c index bb105fcb720..56eff5a4e82 100644 --- a/dlls/winecoreaudio.drv/midi.c +++ b/dlls/winecoreaudio.drv/midi.c @@ -463,10 +463,10 @@ static DWORD MIDIOut_Prepare(WORD wDevID, LPMIDIHDR lpMidiHdr, DWORD dwSize) * asks to prepare MIDIHDR which dwFlags != 0. * So at least check for the inqueue flag */ - if (dwSize < sizeof(MIDIHDR) || lpMidiHdr == 0 || + if (dwSize < offsetof(MIDIHDR,dwOffset) || lpMidiHdr == 0 || lpMidiHdr->lpData == 0 || (lpMidiHdr->dwFlags & MHDR_INQUEUE) != 0) { WARN("%p %p %08x %lu/%d\n", lpMidiHdr, lpMidiHdr->lpData, - lpMidiHdr->dwFlags, sizeof(MIDIHDR), dwSize); + lpMidiHdr->dwFlags, offsetof(MIDIHDR,dwOffset), dwSize); return MMSYSERR_INVALPARAM; } @@ -487,7 +487,7 @@ static DWORD MIDIOut_Unprepare(WORD wDevID, LPMIDIHDR lpMidiHdr, DWORD dwSize) WARN("bad device ID : %d\n", wDevID); return MMSYSERR_BADDEVICEID; } - if (dwSize < sizeof(MIDIHDR) || lpMidiHdr == 0) + if (dwSize < offsetof(MIDIHDR,dwOffset) || lpMidiHdr == 0) return MMSYSERR_INVALPARAM; if (lpMidiHdr->dwFlags & MHDR_INQUEUE) return MIDIERR_STILLPLAYING; @@ -666,7 +666,7 @@ static DWORD MIDIIn_AddBuffer(WORD wDevID, LPMIDIHDR lpMidiHdr, DWORD dwSize) WARN("Invalid Parameter\n"); return MMSYSERR_INVALPARAM; } - if (sizeof(MIDIHDR) > dwSize) { + if (dwSize < offsetof(MIDIHDR,dwOffset)) { WARN("Invalid Parameter\n"); return MMSYSERR_INVALPARAM; } @@ -714,7 +714,7 @@ static DWORD MIDIIn_Prepare(WORD wDevID, LPMIDIHDR lpMidiHdr, DWORD dwSize) * asks to prepare MIDIHDR which dwFlags != 0. * So at least check for the inqueue flag */ - if (dwSize < sizeof(MIDIHDR) || lpMidiHdr == 0 || + if (dwSize < offsetof(MIDIHDR,dwOffset) || lpMidiHdr == 0 || lpMidiHdr->lpData == 0 || (lpMidiHdr->dwFlags & MHDR_INQUEUE) != 0) { WARN("Invalid parameter %p %p %08x %d\n", lpMidiHdr, lpMidiHdr->lpData, lpMidiHdr->dwFlags, dwSize); @@ -734,7 +734,7 @@ static DWORD MIDIIn_Unprepare(WORD wDevID, LPMIDIHDR lpMidiHdr, DWORD dwSize) WARN("bad device ID : %d\n", wDevID); return MMSYSERR_BADDEVICEID; } - if (dwSize < sizeof(MIDIHDR) || lpMidiHdr == 0) { + if (dwSize < offsetof(MIDIHDR,dwOffset) || lpMidiHdr == 0) { WARN("Invalid Parameter\n"); return MMSYSERR_INVALPARAM; } diff --git a/dlls/wineoss.drv/midi.c b/dlls/wineoss.drv/midi.c index 52a60666ee3..0945e933710 100644 --- a/dlls/wineoss.drv/midi.c +++ b/dlls/wineoss.drv/midi.c @@ -829,7 +829,7 @@ static DWORD midAddBuffer(WORD wDevID, LPMIDIHDR lpMidiHdr, DWORD dwSize) if (MidiInDev[wDevID].state == -1) return MIDIERR_NODEVICE; if (lpMidiHdr == NULL) return MMSYSERR_INVALPARAM; - if (sizeof(MIDIHDR) > dwSize) return MMSYSERR_INVALPARAM; + if (dwSize < offsetof(MIDIHDR,dwOffset)) return MMSYSERR_INVALPARAM; if (lpMidiHdr->dwBufferLength == 0) return MMSYSERR_INVALPARAM; if (lpMidiHdr->dwFlags & MHDR_INQUEUE) return MIDIERR_STILLPLAYING; if (!(lpMidiHdr->dwFlags & MHDR_PREPARED)) return MIDIERR_UNPREPARED; @@ -861,7 +861,7 @@ static DWORD midPrepare(WORD wDevID, LPMIDIHDR lpMidiHdr, DWORD dwSize) { TRACE("(%04X, %p, %08X);\n", wDevID, lpMidiHdr, dwSize); - if (dwSize < sizeof(MIDIHDR) || lpMidiHdr == 0 || + if (dwSize < offsetof(MIDIHDR,dwOffset) || lpMidiHdr == 0 || lpMidiHdr->lpData == 0 || (lpMidiHdr->dwFlags & MHDR_INQUEUE) != 0) return MMSYSERR_INVALPARAM; @@ -882,7 +882,7 @@ static DWORD midUnprepare(WORD wDevID, LPMIDIHDR lpMidiHdr, DWORD dwSize) if (wDevID >= MIDM_NumDevs) return MMSYSERR_BADDEVICEID; if (MidiInDev[wDevID].state == -1) return MIDIERR_NODEVICE; - if (dwSize < sizeof(MIDIHDR) || lpMidiHdr == 0 || + if (dwSize < offsetof(MIDIHDR,dwOffset) || lpMidiHdr == 0 || lpMidiHdr->lpData == 0) return MMSYSERR_INVALPARAM; @@ -1595,7 +1595,7 @@ static DWORD modPrepare(WORD wDevID, LPMIDIHDR lpMidiHdr, DWORD dwSize) * asks to prepare MIDIHDR which dwFlags != 0. * So at least check for the inqueue flag */ - if (dwSize < sizeof(MIDIHDR) || lpMidiHdr == 0 || + if (dwSize < offsetof(MIDIHDR,dwOffset) || lpMidiHdr == 0 || lpMidiHdr->lpData == 0 || (lpMidiHdr->dwFlags & MHDR_INQUEUE) != 0) { WARN("%p %p %08x %d\n", lpMidiHdr, lpMidiHdr ? lpMidiHdr->lpData : NULL, lpMidiHdr ? lpMidiHdr->dwFlags : 0, dwSize); @@ -1620,7 +1620,7 @@ static DWORD modUnprepare(WORD wDevID, LPMIDIHDR lpMidiHdr, DWORD dwSize) return MMSYSERR_NOTENABLED; } - if (dwSize < sizeof(MIDIHDR) || lpMidiHdr == 0) + if (dwSize < offsetof(MIDIHDR,dwOffset) || lpMidiHdr == 0) return MMSYSERR_INVALPARAM; if (lpMidiHdr->dwFlags & MHDR_INQUEUE) return MIDIERR_STILLPLAYING; diff --git a/dlls/winmm/winmm.c b/dlls/winmm/winmm.c index 06aed09587f..99e0361e6f7 100644 --- a/dlls/winmm/winmm.c +++ b/dlls/winmm/winmm.c @@ -964,7 +964,7 @@ UINT WINAPI midiOutPrepareHeader(HMIDIOUT hMidiOut, TRACE("(%p, %p, %d)\n", hMidiOut, lpMidiOutHdr, uSize); - if (lpMidiOutHdr == NULL || uSize < sizeof (MIDIHDR)) + if (lpMidiOutHdr == NULL || uSize < offsetof(MIDIHDR,dwOffset)) return MMSYSERR_INVALPARAM; if ((wmld = MMDRV_Get(hMidiOut, MMDRV_MIDIOUT, FALSE)) == NULL) @@ -984,7 +984,7 @@ UINT WINAPI midiOutUnprepareHeader(HMIDIOUT hMidiOut, TRACE("(%p, %p, %d)\n", hMidiOut, lpMidiOutHdr, uSize); - if (lpMidiOutHdr == NULL || uSize < sizeof (MIDIHDR)) + if (lpMidiOutHdr == NULL || uSize < offsetof(MIDIHDR,dwOffset)) return MMSYSERR_INVALPARAM; if (!(lpMidiOutHdr->dwFlags & MHDR_PREPARED)) { @@ -1258,7 +1258,7 @@ UINT WINAPI midiInPrepareHeader(HMIDIIN hMidiIn, TRACE("(%p, %p, %d)\n", hMidiIn, lpMidiInHdr, uSize); - if (lpMidiInHdr == NULL || uSize < sizeof (MIDIHDR)) + if (lpMidiInHdr == NULL || uSize < offsetof(MIDIHDR,dwOffset)) return MMSYSERR_INVALPARAM; if ((wmld = MMDRV_Get(hMidiIn, MMDRV_MIDIIN, FALSE)) == NULL) @@ -1277,7 +1277,7 @@ UINT WINAPI midiInUnprepareHeader(HMIDIIN hMidiIn, TRACE("(%p, %p, %d)\n", hMidiIn, lpMidiInHdr, uSize); - if (lpMidiInHdr == NULL || uSize < sizeof (MIDIHDR)) + if (lpMidiInHdr == NULL || uSize < offsetof(MIDIHDR,dwOffset)) return MMSYSERR_INVALPARAM; if (!(lpMidiInHdr->dwFlags & MHDR_PREPARED)) { @@ -1819,7 +1819,7 @@ MMRESULT WINAPI midiStreamOut(HMIDISTRM hMidiStrm, LPMIDIHDR lpMidiHdr, TRACE("(%p, %p, %u)!\n", hMidiStrm, lpMidiHdr, cbMidiHdr); - if (cbMidiHdr < sizeof(MIDIHDR) || !lpMidiHdr || !lpMidiHdr->lpData + if (cbMidiHdr < offsetof(MIDIHDR,dwOffset) || !lpMidiHdr || !lpMidiHdr->lpData || lpMidiHdr->dwBufferLength < lpMidiHdr->dwBytesRecorded) return MMSYSERR_INVALPARAM; /* FIXME: Native additionaly checks if the MIDIEVENTs in lpData diff --git a/include/mmsystem.h b/include/mmsystem.h index dd9723af2cb..d147bf3b123 100644 --- a/include/mmsystem.h +++ b/include/mmsystem.h @@ -718,6 +718,7 @@ typedef struct midihdr_tag { DWORD dwFlags; struct midihdr_tag *lpNext; DWORD_PTR reserved; + /* Win 32 extended the structure with these 2 fields */ DWORD dwOffset; DWORD_PTR dwReserved[8]; } MIDIHDR, *LPMIDIHDR;