ReceiveTempSMS
/
Sweden-Number
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Check for overflows with ClrUsed.

This commit is contained in:
Marcus Meissner 2005-02-14 11:08:22 +00:00 committed by Alexandre Julliard
parent 30ed10004b
commit a34c23498f
4 changed files with 15 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
dlls/gdi/dib.c
View File

@ -133,6 +133,7 @@ int DIB_BitmapInfoSize( const BITMAPINFO * info, WORD coloruse )
else /* assume BITMAPINFOHEADER */
{
colors = info->bmiHeader.biClrUsed;
if (colors > 256) colors = 256;
if (!colors && (info->bmiHeader.biBitCount <= 8))
colors = 1 << info->bmiHeader.biBitCount;
return sizeof(BITMAPINFOHEADER) + colors *

13
dlls/oleaut32/olepicture.c
View File

@ -1514,9 +1514,15 @@ static int serializeBMP(HBITMAP hBitmap, void ** ppBuffer, unsigned int * pLengt
GetDIBits(hDC, hBitmap, 0, pInfoBitmap->bmiHeader.biHeight, pPixelData, pInfoBitmap, DIB_RGB_COLORS);
/* Calculate the total length required for the BMP data */
if (pInfoBitmap->bmiHeader.biClrUsed != 0) iNumPaletteEntries = pInfoBitmap->bmiHeader.biClrUsed;
else if (pInfoBitmap->bmiHeader.biBitCount <= 8) iNumPaletteEntries = 1 << pInfoBitmap->bmiHeader.biBitCount;
else iNumPaletteEntries = 0;
if (pInfoBitmap->bmiHeader.biClrUsed != 0) {
iNumPaletteEntries = pInfoBitmap->bmiHeader.biClrUsed;
if (iNumPaletteEntries > 256) iNumPaletteEntries = 256;
} else {
if (pInfoBitmap->bmiHeader.biBitCount <= 8)
iNumPaletteEntries = 1 << pInfoBitmap->bmiHeader.biBitCount;
else
iNumPaletteEntries = 0;
}
*pLength =
sizeof(BITMAPFILEHEADER) +
sizeof(BITMAPINFOHEADER) +
@ -1624,6 +1630,7 @@ static int serializeIcon(HICON hIcon, void ** ppBuffer, unsigned int * pLength)
|| (pInfoBitmap->bmiHeader.biBitCount == 24)
|| (pInfoBitmap->bmiHeader.biBitCount == 32 && pInfoBitmap->bmiHeader.biCompression == BI_RGB)) {
iNumEntriesPalette = pInfoBitmap->bmiHeader.biClrUsed;
if (iNumEntriesPalette > 256) iNumEntriesPalette = 256;
} else if ((pInfoBitmap->bmiHeader.biBitCount == 16 || pInfoBitmap->bmiHeader.biBitCount == 32)
&& pInfoBitmap->bmiHeader.biCompression == BI_BITFIELDS) {
iNumEntriesPalette = 3;

1
dlls/wineps/ps.c
View File

@ -854,6 +854,7 @@ BOOL PSDRV_WriteDIBPatternDict(PSDRV_PDEVICE *physDev, BITMAPINFO *bmi, UINT usa
bits = (char*)bmi + bmi->bmiHeader.biSize;
colours = bmi->bmiHeader.biClrUsed;
if (colours > 256) colours = 256;
if(!colours && bmi->bmiHeader.biBitCount <= 8)
colours = 1 << bmi->bmiHeader.biBitCount;
bits += colours * ((usage == DIB_RGB_COLORS) ?

3
windows/cursoricon.c
View File

@ -219,6 +219,8 @@ static int bitmap_info_size( const BITMAPINFO * info, WORD coloruse )
else /* assume BITMAPINFOHEADER */
{
colors = info->bmiHeader.biClrUsed;
if (colors > 256) /* buffer overflow otherwise */
colors = 256;
if (!colors && (info->bmiHeader.biBitCount <= 8))
colors = 1 << info->bmiHeader.biBitCount;
return sizeof(BITMAPINFOHEADER) + colors *
@ -2043,6 +2045,7 @@ static void DIB_FixColorsToLoadflags(BITMAPINFO * bmi, UINT loadflags, BYTE pix)
{
incr = 4;
colors = bmi->bmiHeader.biClrUsed;
if (colors > 256) colors = 256;
if (!colors && (bpp <= 8)) colors = 1 << bpp;
}