From f44c1f7e1351c065a888d503e8db33921584f119 Mon Sep 17 00:00:00 2001 From: Gerard Patel Date: Fri, 10 Dec 1999 03:23:35 +0000 Subject: [PATCH] Transfer only cbStruct size in BindCtxImpl_S(G)etOptions. --- dlls/ole32/bindctx.c | 16 ++++++++++++---- 1 file changed, 12 insertions(+), 4 deletions(-) diff --git a/dlls/ole32/bindctx.c b/dlls/ole32/bindctx.c index 546189b5159..82d07aa12c3 100644 --- a/dlls/ole32/bindctx.c +++ b/dlls/ole32/bindctx.c @@ -302,8 +302,12 @@ HRESULT WINAPI BindCtxImpl_SetBindOptions(IBindCtx* iface,LPBIND_OPTS2 pbindopts if (pbindopts==NULL) return E_POINTER; - This->bindOption2=*pbindopts; - + if (pbindopts->cbStruct > sizeof(BIND_OPTS2)) + { + WARN("invalid size"); + return E_INVALIDARG; /* FIXME : not verified */ + } + memcpy(&This->bindOption2, pbindopts, pbindopts->cbStruct); return S_OK; } @@ -319,8 +323,12 @@ HRESULT WINAPI BindCtxImpl_GetBindOptions(IBindCtx* iface,LPBIND_OPTS2 pbindopts if (pbindopts==NULL) return E_POINTER; - *pbindopts=This->bindOption2; - + if (pbindopts->cbStruct > sizeof(BIND_OPTS2)) + { + WARN("invalid size"); + return E_INVALIDARG; /* FIXME : not verified */ + } + memcpy(pbindopts, &This->bindOption2, pbindopts->cbStruct); return S_OK; }