https://git.reactos.org/?p=reactos.git;a=commitdiff;h=9414fb6b5911686289bb7b0a692c62280531cb7d
commit 9414fb6b5911686289bb7b0a692c62280531cb7d
Author: Timo Kreuzer <timo.kreu...@reactos.org>
AuthorDate: Thu Sep 5 13:17:18 2024 +0300
Commit: Timo Kreuzer <timo.kreu...@reactos.org>
CommitDate: Sun Sep 8 03:20:52 2024 +0300
[NTGDI] Prevent NULL pointer dereference in CLIPPING_UpdateGCRegion
This can happen, when the paged pool is full. This will probably cause
drawing issues, but at least we don't crash (in this place).
---
win32ss/gdi/ntgdi/cliprgn.c | 27 ++++++++++++++++++++-------
1 file changed, 20 insertions(+), 7 deletions(-)
diff --git a/win32ss/gdi/ntgdi/cliprgn.c b/win32ss/gdi/ntgdi/cliprgn.c
index 35cb97ca6b7..b347d0d12a6 100644
--- a/win32ss/gdi/ntgdi/cliprgn.c
+++ b/win32ss/gdi/ntgdi/cliprgn.c
@@ -11,6 +11,8 @@
#define NDEBUG
#include <debug.h>
+DBG_DEFAULT_CHANNEL(GdiClipRgn);
+
VOID
FASTCALL
IntGdiReleaseRaoRgn(PDC pDC)
@@ -776,16 +778,16 @@ CLIPPING_UpdateGCRegion(PDC pDC)
pDC->prgnAPI = NULL;
}
- if (pDC->prgnRao)
- REGION_Delete(pDC->prgnRao);
-
- pDC->prgnRao = IntSysCreateRectpRgn(0,0,0,0);
-
- ASSERT(pDC->prgnRao);
-
if (pDC->dclevel.prgnMeta || pDC->dclevel.prgnClip)
{
pDC->prgnAPI = IntSysCreateRectpRgn(0,0,0,0);
+ if (!pDC->prgnAPI)
+ {
+ /* Best we can do here. Better than crashing. */
+ ERR("Failed to allocate prgnAPI! Expect drawing issues!\n");
+ return;
+ }
+
if (!pDC->dclevel.prgnMeta)
{
REGION_bCopy(pDC->prgnAPI,
@@ -804,6 +806,17 @@ CLIPPING_UpdateGCRegion(PDC pDC)
}
}
+ if (pDC->prgnRao)
+ REGION_Delete(pDC->prgnRao);
+
+ pDC->prgnRao = IntSysCreateRectpRgn(0,0,0,0);
+ if (!pDC->prgnRao)
+ {
+ /* Best we can do here. Better than crashing. */
+ ERR("Failed to allocate prgnRao! Expect drawing issues!\n");
+ return;
+ }
+
if (pDC->prgnAPI)
{
REGION_bIntersectRegion(pDC->prgnRao,
