Index: reactos/win32ss/user/ntuser/class.c =================================================================== --- reactos/win32ss/user/ntuser/class.c (revision 72796) +++ reactos/win32ss/user/ntuser/class.c (working copy) @@ -334,31 +334,47 @@ IntRegisterClassAtom(IN PUNICODE_STRING ClassName, OUT RTL_ATOM *pAtom) { - WCHAR szBuf[65]; + NTSTATUS Status; + DWORD Size; PWSTR AtomName; - NTSTATUS Status; + PWSTR Allocated = NULL; - if (ClassName->Length != 0) + _SEH2_TRY { - /* FIXME: Don't limit to 64 characters! Use SEH when allocating memory! */ - if (ClassName->Length / sizeof(WCHAR) >= sizeof(szBuf) / sizeof(szBuf[0])) + if (ClassName->Length != 0) { - EngSetLastError(ERROR_INVALID_PARAMETER); - return (RTL_ATOM)0; + /* allocate a buffer */ + Size = ClassName->Length + sizeof(WCHAR); + Allocated = UserHeapAlloc(Size); + if (!Allocated) + { + _SEH2_YIELD(return STATUS_INSUFFICIENT_RESOURCES); + } + + /* store string */ + RtlCopyMemory(Allocated, ClassName->Buffer, ClassName->Length); + Allocated[ClassName->Length / sizeof(WCHAR)] = UNICODE_NULL; + AtomName = Allocated; } + else + { + AtomName = ClassName->Buffer; + } - RtlCopyMemory(szBuf, - ClassName->Buffer, - ClassName->Length); - szBuf[ClassName->Length / sizeof(WCHAR)] = UNICODE_NULL; - AtomName = szBuf; + /* add atom */ + Status = RtlAddAtomToAtomTable(gAtomTable, AtomName, pAtom); } - else - AtomName = ClassName->Buffer; + _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER) + { + Status = _SEH2_GetExceptionCode(); + } + _SEH2_END; - Status = RtlAddAtomToAtomTable(gAtomTable, - AtomName, - pAtom); + /* free the buffer */ + if (Allocated) + { + UserHeapFree(Allocated); + } if (!NT_SUCCESS(Status)) { @@ -1270,43 +1286,35 @@ _Out_ RTL_ATOM *Atom) { BOOL Ret = FALSE; + PWSTR Allocated; + NTSTATUS Status; + DWORD Size; - if (ClassName->Length != 0) + if (ClassName->Length == 0) { - WCHAR szBuf[65]; - PWSTR AtomName; - NTSTATUS Status; + ASSERT(IS_ATOM(ClassName->Buffer)); + *Atom = (RTL_ATOM)((ULONG_PTR)ClassName->Buffer); + return TRUE; + } - *Atom = 0; + *Atom = 0; - /* NOTE: Caller has to protect the call with SEH! */ - - if (ClassName->Length != 0) + _SEH2_TRY + { + /* allocate a buffer */ + Size = ClassName->Length + sizeof(WCHAR); + Allocated = UserHeapAlloc(Size); + if (!Allocated) { - /* FIXME: Don't limit to 64 characters! use SEH when allocating memory! */ - if (ClassName->Length / sizeof(WCHAR) >= sizeof(szBuf) / sizeof(szBuf[0])) - { - EngSetLastError(ERROR_INVALID_PARAMETER); - return (RTL_ATOM)0; - } - - /* We need to make a local copy of the class name! The caller could - modify the buffer and we could overflow in RtlLookupAtomInAtomTable. - We're protected by SEH, but the ranges that might be accessed were - not probed... */ - RtlCopyMemory(szBuf, - ClassName->Buffer, - ClassName->Length); - szBuf[ClassName->Length / sizeof(WCHAR)] = UNICODE_NULL; - AtomName = szBuf; + _SEH2_YIELD(return STATUS_INSUFFICIENT_RESOURCES); } - else - AtomName = ClassName->Buffer; + /* store string */ + RtlCopyMemory(Allocated, ClassName->Buffer, ClassName->Length); + Allocated[ClassName->Length / sizeof(WCHAR)] = UNICODE_NULL; + /* Lookup the atom */ - Status = RtlLookupAtomInAtomTable(gAtomTable, - AtomName, - Atom); + Status = RtlLookupAtomInAtomTable(gAtomTable, Allocated, Atom); if (NT_SUCCESS(Status)) { Ret = TRUE; @@ -1319,13 +1327,18 @@ } } } - else + _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER) { - ASSERT(IS_ATOM(ClassName->Buffer)); - *Atom = (RTL_ATOM)((ULONG_PTR)ClassName->Buffer); - Ret = TRUE; + Status = _SEH2_GetExceptionCode(); } + _SEH2_END; + /* free the buffer */ + if (Allocated) + { + UserHeapFree(Allocated); + } + return Ret; }