diff --git a/accessible/src/windows/ia2/ia2AccessibleAction.cpp b/accessible/src/windows/ia2/ia2AccessibleAction.cpp index 2bbc422b79a..f0968e884c9 100644 --- a/accessible/src/windows/ia2/ia2AccessibleAction.cpp +++ b/accessible/src/windows/ia2/ia2AccessibleAction.cpp @@ -19,6 +19,9 @@ using namespace mozilla::a11y; STDMETHODIMP ia2AccessibleAction::QueryInterface(REFIID iid, void** ppv) { + if (!ppv) + return E_INVALIDARG; + *ppv = nullptr; if (IID_IAccessibleAction == iid) { @@ -73,6 +76,9 @@ ia2AccessibleAction::get_description(long aActionIndex, BSTR *aDescription) { A11Y_TRYBLOCK_BEGIN + if (!aDescription) + return E_INVALIDARG; + *aDescription = nullptr; AccessibleWrap* acc = static_cast(this); @@ -150,6 +156,9 @@ ia2AccessibleAction::get_name(long aActionIndex, BSTR *aName) { A11Y_TRYBLOCK_BEGIN + if (!aName) + return E_INVALIDARG; + *aName = nullptr; AccessibleWrap* acc = static_cast(this); @@ -176,6 +185,9 @@ ia2AccessibleAction::get_localizedName(long aActionIndex, BSTR *aLocalizedName) { A11Y_TRYBLOCK_BEGIN + if (!aLocalizedName) + return E_INVALIDARG; + *aLocalizedName = nullptr; return E_NOTIMPL; diff --git a/accessible/src/windows/ia2/ia2AccessibleComponent.cpp b/accessible/src/windows/ia2/ia2AccessibleComponent.cpp index 352ed033137..3a62ed6bd15 100644 --- a/accessible/src/windows/ia2/ia2AccessibleComponent.cpp +++ b/accessible/src/windows/ia2/ia2AccessibleComponent.cpp @@ -22,6 +22,9 @@ using namespace mozilla::a11y; STDMETHODIMP ia2AccessibleComponent::QueryInterface(REFIID iid, void** ppv) { + if (!ppv) + return E_INVALIDARG; + *ppv = nullptr; if (IID_IAccessibleComponent == iid) { @@ -40,6 +43,9 @@ ia2AccessibleComponent::get_locationInParent(long* aX, long* aY) { A11Y_TRYBLOCK_BEGIN + if (!aX || !aY) + return E_INVALIDARG; + *aX = 0; *aY = 0; @@ -87,6 +93,11 @@ ia2AccessibleComponent::get_foreground(IA2Color* aForeground) { A11Y_TRYBLOCK_BEGIN + if (!aForeground) + return E_INVALIDARG; + + *aForeground = 0; + AccessibleWrap* acc = static_cast(this); if (acc->IsDefunct()) return CO_E_OBJNOTCONNECTED; @@ -105,6 +116,11 @@ ia2AccessibleComponent::get_background(IA2Color* aBackground) { A11Y_TRYBLOCK_BEGIN + if (!aBackground) + return E_INVALIDARG; + + *aBackground = 0; + AccessibleWrap* acc = static_cast(this); if (acc->IsDefunct()) return CO_E_OBJNOTCONNECTED; diff --git a/accessible/src/windows/ia2/ia2AccessibleHyperlink.cpp b/accessible/src/windows/ia2/ia2AccessibleHyperlink.cpp index 74048d2f90f..173857261c2 100644 --- a/accessible/src/windows/ia2/ia2AccessibleHyperlink.cpp +++ b/accessible/src/windows/ia2/ia2AccessibleHyperlink.cpp @@ -19,6 +19,9 @@ using namespace mozilla::a11y; STDMETHODIMP ia2AccessibleHyperlink::QueryInterface(REFIID iid, void** ppv) { + if (!ppv) + return E_INVALIDARG; + *ppv = nullptr; if (IID_IAccessibleHyperlink == iid) { @@ -40,6 +43,9 @@ ia2AccessibleHyperlink::get_anchor(long aIndex, VARIANT* aAnchor) { A11Y_TRYBLOCK_BEGIN + if (!aAnchor) + return E_INVALIDARG; + VariantInit(aAnchor); Accessible* thisObj = static_cast(this); @@ -75,6 +81,9 @@ ia2AccessibleHyperlink::get_anchorTarget(long aIndex, VARIANT* aAnchorTarget) { A11Y_TRYBLOCK_BEGIN + if (!aAnchorTarget) + return E_INVALIDARG; + VariantInit(aAnchorTarget); Accessible* thisObj = static_cast(this); @@ -118,6 +127,9 @@ ia2AccessibleHyperlink::get_startIndex(long* aIndex) { A11Y_TRYBLOCK_BEGIN + if (!aIndex) + return E_INVALIDARG; + *aIndex = 0; Accessible* thisObj = static_cast(this); @@ -138,6 +150,9 @@ ia2AccessibleHyperlink::get_endIndex(long* aIndex) { A11Y_TRYBLOCK_BEGIN + if (!aIndex) + return E_INVALIDARG; + *aIndex = 0; Accessible* thisObj = static_cast(this); @@ -158,6 +173,9 @@ ia2AccessibleHyperlink::get_valid(boolean* aValid) { A11Y_TRYBLOCK_BEGIN + if (!aValid) + return E_INVALIDARG; + *aValid = false; Accessible* thisObj = static_cast(this); diff --git a/accessible/src/windows/ia2/ia2AccessibleHypertext.cpp b/accessible/src/windows/ia2/ia2AccessibleHypertext.cpp index 967ee7bab10..12af891db32 100644 --- a/accessible/src/windows/ia2/ia2AccessibleHypertext.cpp +++ b/accessible/src/windows/ia2/ia2AccessibleHypertext.cpp @@ -21,6 +21,9 @@ ia2AccessibleHypertext::get_nHyperlinks(long* aHyperlinkCount) { A11Y_TRYBLOCK_BEGIN + if (!aHyperlinkCount) + return E_INVALIDARG; + *aHyperlinkCount = 0; HyperTextAccessibleWrap* hyperText = static_cast(this); @@ -39,6 +42,9 @@ ia2AccessibleHypertext::get_hyperlink(long aLinkIndex, { A11Y_TRYBLOCK_BEGIN + if (!aHyperlink) + return E_INVALIDARG; + *aHyperlink = nullptr; HyperTextAccessibleWrap* hyperText = static_cast(this); @@ -62,6 +68,9 @@ ia2AccessibleHypertext::get_hyperlinkIndex(long aCharIndex, long* aHyperlinkInde { A11Y_TRYBLOCK_BEGIN + if (!aHyperlinkIndex) + return E_INVALIDARG; + *aHyperlinkIndex = 0; HyperTextAccessibleWrap* hyperAcc = static_cast(this); diff --git a/accessible/src/windows/ia2/ia2AccessibleImage.cpp b/accessible/src/windows/ia2/ia2AccessibleImage.cpp index 32c1376a02e..116bcbb9083 100644 --- a/accessible/src/windows/ia2/ia2AccessibleImage.cpp +++ b/accessible/src/windows/ia2/ia2AccessibleImage.cpp @@ -23,6 +23,9 @@ using namespace mozilla::a11y; STDMETHODIMP ia2AccessibleImage::QueryInterface(REFIID iid, void** ppv) { + if (!ppv) + return E_INVALIDARG; + *ppv = nullptr; if (IID_IAccessibleImage == iid) { @@ -41,6 +44,9 @@ ia2AccessibleImage::get_description(BSTR* aDescription) { A11Y_TRYBLOCK_BEGIN + if (!aDescription) + return E_INVALIDARG; + *aDescription = nullptr; ImageAccessibleWrap* acc = static_cast(this); @@ -68,6 +74,9 @@ ia2AccessibleImage::get_imagePosition(enum IA2CoordinateType aCoordType, { A11Y_TRYBLOCK_BEGIN + if (!aX || !aY) + return E_INVALIDARG; + *aX = 0; *aY = 0; @@ -96,6 +105,9 @@ ia2AccessibleImage::get_imageSize(long* aHeight, long* aWidth) { A11Y_TRYBLOCK_BEGIN + if (!aHeight || !aWidth) + return E_INVALIDARG; + *aHeight = 0; *aWidth = 0; diff --git a/accessible/src/windows/ia2/ia2AccessibleTable.cpp b/accessible/src/windows/ia2/ia2AccessibleTable.cpp index fffa119e040..1139fe70efa 100644 --- a/accessible/src/windows/ia2/ia2AccessibleTable.cpp +++ b/accessible/src/windows/ia2/ia2AccessibleTable.cpp @@ -26,6 +26,9 @@ using namespace mozilla::a11y; STDMETHODIMP ia2AccessibleTable::QueryInterface(REFIID iid, void** ppv) { + if (!ppv) + return E_INVALIDARG; + *ppv = nullptr; if (IID_IAccessibleTable == iid) { @@ -59,6 +62,9 @@ ia2AccessibleTable::get_caption(IUnknown** aAccessible) { A11Y_TRYBLOCK_BEGIN + if (!aAccessible) + return E_INVALIDARG; + *aAccessible = nullptr; if (!mTable) return CO_E_OBJNOTCONNECTED; @@ -79,6 +85,9 @@ ia2AccessibleTable::get_childIndex(long aRowIdx, long aColIdx, { A11Y_TRYBLOCK_BEGIN + if (!aChildIdx) + return E_INVALIDARG; + *aChildIdx = 0; if (!mTable) return CO_E_OBJNOTCONNECTED; @@ -99,6 +108,9 @@ ia2AccessibleTable::get_columnDescription(long aColIdx, BSTR* aDescription) { A11Y_TRYBLOCK_BEGIN + if (!aDescription) + return E_INVALIDARG; + *aDescription = nullptr; if (!mTable) return CO_E_OBJNOTCONNECTED; @@ -123,6 +135,9 @@ ia2AccessibleTable::get_columnExtentAt(long aRowIdx, long aColIdx, { A11Y_TRYBLOCK_BEGIN + if (!aSpan) + return E_INVALIDARG; + *aSpan = 0; if (!mTable) return CO_E_OBJNOTCONNECTED; @@ -144,6 +159,9 @@ ia2AccessibleTable::get_columnHeader(IAccessibleTable** aAccessibleTable, { A11Y_TRYBLOCK_BEGIN + if (!aAccessibleTable || !aStartingRowIndex) + return E_INVALIDARG; + *aAccessibleTable = nullptr; *aStartingRowIndex = -1; return E_NOTIMPL; @@ -156,6 +174,9 @@ ia2AccessibleTable::get_columnIndex(long aCellIdx, long* aColIdx) { A11Y_TRYBLOCK_BEGIN + if (!aColIdx) + return E_INVALIDARG; + *aColIdx = 0; if (!mTable) return CO_E_OBJNOTCONNECTED; @@ -175,6 +196,9 @@ ia2AccessibleTable::get_nColumns(long* aColCount) { A11Y_TRYBLOCK_BEGIN + if (!aColCount) + return E_INVALIDARG; + *aColCount = 0; if (!mTable) return CO_E_OBJNOTCONNECTED; @@ -190,6 +214,9 @@ ia2AccessibleTable::get_nRows(long* aRowCount) { A11Y_TRYBLOCK_BEGIN + if (!aRowCount) + return E_INVALIDARG; + *aRowCount = 0; if (!mTable) return CO_E_OBJNOTCONNECTED; @@ -211,6 +238,9 @@ ia2AccessibleTable::get_nSelectedColumns(long* aColCount) { A11Y_TRYBLOCK_BEGIN + if (!aColCount) + return E_INVALIDARG; + *aColCount = 0; if (!mTable) return CO_E_OBJNOTCONNECTED; @@ -226,6 +256,9 @@ ia2AccessibleTable::get_nSelectedRows(long* aRowCount) { A11Y_TRYBLOCK_BEGIN + if (!aRowCount) + return E_INVALIDARG; + *aRowCount = 0; if (!mTable) return CO_E_OBJNOTCONNECTED; @@ -242,6 +275,9 @@ ia2AccessibleTable::get_rowDescription(long aRowIdx, BSTR* aDescription) { A11Y_TRYBLOCK_BEGIN + if (!aDescription) + return E_INVALIDARG; + *aDescription = nullptr; if (!mTable) return CO_E_OBJNOTCONNECTED; @@ -265,6 +301,9 @@ ia2AccessibleTable::get_rowExtentAt(long aRowIdx, long aColIdx, long* aSpan) { A11Y_TRYBLOCK_BEGIN + if (!aSpan) + return E_INVALIDARG; + *aSpan = 0; if (!mTable) return CO_E_OBJNOTCONNECTED; @@ -286,6 +325,9 @@ ia2AccessibleTable::get_rowHeader(IAccessibleTable** aAccessibleTable, { A11Y_TRYBLOCK_BEGIN + if (!aAccessibleTable || !aStartingColumnIndex) + return E_INVALIDARG; + *aAccessibleTable = nullptr; *aStartingColumnIndex = -1; return E_NOTIMPL; @@ -298,6 +340,9 @@ ia2AccessibleTable::get_rowIndex(long aCellIdx, long* aRowIdx) { A11Y_TRYBLOCK_BEGIN + if (!aRowIdx) + return E_INVALIDARG; + *aRowIdx = 0; if (!mTable) return CO_E_OBJNOTCONNECTED; @@ -318,6 +363,9 @@ ia2AccessibleTable::get_selectedChildren(long aMaxChildren, long** aChildren, { A11Y_TRYBLOCK_BEGIN + if (!aChildren || !aNChildren) + return E_INVALIDARG; + *aChildren = nullptr; *aNChildren = 0; if (!mTable) @@ -366,6 +414,9 @@ ia2AccessibleTable::get_summary(IUnknown** aAccessible) { A11Y_TRYBLOCK_BEGIN + if (!aAccessible) + return E_INVALIDARG; + // Neither html:table nor xul:tree nor ARIA grid/tree have an ability to // link an accessible object to specify a summary. There is closes method // in nsIAccessibleTable::summary to get a summary as a string which is not @@ -382,6 +433,9 @@ ia2AccessibleTable::get_isColumnSelected(long aColIdx, boolean* aIsSelected) { A11Y_TRYBLOCK_BEGIN + if (!aIsSelected) + return E_INVALIDARG; + *aIsSelected = false; if (!mTable) return CO_E_OBJNOTCONNECTED; @@ -400,6 +454,9 @@ ia2AccessibleTable::get_isRowSelected(long aRowIdx, boolean* aIsSelected) { A11Y_TRYBLOCK_BEGIN + if (!aIsSelected) + return E_INVALIDARG; + *aIsSelected = false; if (!mTable) return CO_E_OBJNOTCONNECTED; @@ -419,6 +476,9 @@ ia2AccessibleTable::get_isSelected(long aRowIdx, long aColIdx, { A11Y_TRYBLOCK_BEGIN + if (!aIsSelected) + return E_INVALIDARG; + *aIsSelected = false; if (!mTable) return CO_E_OBJNOTCONNECTED; @@ -511,6 +571,9 @@ ia2AccessibleTable::get_rowColumnExtentsAtIndex(long aCellIdx, long* aRowIdx, { A11Y_TRYBLOCK_BEGIN + if (!aRowIdx || !aColIdx || !aRowExtents || !aColExtents || !aIsSelected) + return E_INVALIDARG; + *aRowIdx = 0; *aColIdx = 0; *aRowExtents = 0; @@ -550,6 +613,9 @@ ia2AccessibleTable::get_cellAt(long aRowIdx, long aColIdx, IUnknown** aCell) { A11Y_TRYBLOCK_BEGIN + if (!aCell) + return E_INVALIDARG; + *aCell = nullptr; if (!mTable) @@ -571,6 +637,9 @@ ia2AccessibleTable::get_nSelectedCells(long* aCellCount) { A11Y_TRYBLOCK_BEGIN + if (!aCellCount) + return E_INVALIDARG; + *aCellCount = 0; if (!mTable) return CO_E_OBJNOTCONNECTED; @@ -586,6 +655,9 @@ ia2AccessibleTable::get_selectedCells(IUnknown*** aCells, long* aNSelectedCells) { A11Y_TRYBLOCK_BEGIN + if (!aCells || !aNSelectedCells) + return E_INVALIDARG; + *aCells = nullptr; *aNSelectedCells = 0; if (!mTable) @@ -619,6 +691,9 @@ ia2AccessibleTable::get_selectedColumns(long** aColumns, long* aNColumns) { A11Y_TRYBLOCK_BEGIN + if (!aColumns || !aNColumns) + return E_INVALIDARG; + *aColumns = nullptr; *aNColumns = 0; if (!mTable) @@ -646,6 +721,9 @@ ia2AccessibleTable::get_selectedRows(long** aRows, long* aNRows) { A11Y_TRYBLOCK_BEGIN + if (!aRows || !aNRows) + return E_INVALIDARG; + *aRows = nullptr; *aNRows = 0; if (!mTable) diff --git a/accessible/src/windows/ia2/ia2AccessibleTableCell.cpp b/accessible/src/windows/ia2/ia2AccessibleTableCell.cpp index b0dc00feb12..20f0f1ecd7b 100644 --- a/accessible/src/windows/ia2/ia2AccessibleTableCell.cpp +++ b/accessible/src/windows/ia2/ia2AccessibleTableCell.cpp @@ -26,6 +26,9 @@ using namespace mozilla::a11y; STDMETHODIMP ia2AccessibleTableCell::QueryInterface(REFIID iid, void** ppv) { + if (!ppv) + return E_INVALIDARG; + *ppv = nullptr; if (IID_IAccessibleTableCell == iid) { @@ -45,6 +48,9 @@ ia2AccessibleTableCell::get_table(IUnknown** aTable) { A11Y_TRYBLOCK_BEGIN + if (!aTable) + return E_INVALIDARG; + *aTable = nullptr; if (!mTableCell) return CO_E_OBJNOTCONNECTED; @@ -66,6 +72,9 @@ ia2AccessibleTableCell::get_columnExtent(long* aSpan) { A11Y_TRYBLOCK_BEGIN + if (!aSpan) + return E_INVALIDARG; + *aSpan = 0; if (!mTableCell) return CO_E_OBJNOTCONNECTED; @@ -83,6 +92,9 @@ ia2AccessibleTableCell::get_columnHeaderCells(IUnknown*** aCellAccessibles, { A11Y_TRYBLOCK_BEGIN + if (!aCellAccessibles || !aNColumnHeaderCells) + return E_INVALIDARG; + *aCellAccessibles = nullptr; *aNColumnHeaderCells = 0; if (!mTableCell) @@ -115,6 +127,9 @@ ia2AccessibleTableCell::get_columnIndex(long* aColIdx) { A11Y_TRYBLOCK_BEGIN + if (!aColIdx) + return E_INVALIDARG; + *aColIdx = -1; if (!mTableCell) return CO_E_OBJNOTCONNECTED; @@ -130,6 +145,9 @@ ia2AccessibleTableCell::get_rowExtent(long* aSpan) { A11Y_TRYBLOCK_BEGIN + if (!aSpan) + return E_INVALIDARG; + *aSpan = 0; if (!mTableCell) return CO_E_OBJNOTCONNECTED; @@ -146,6 +164,9 @@ ia2AccessibleTableCell::get_rowHeaderCells(IUnknown*** aCellAccessibles, { A11Y_TRYBLOCK_BEGIN + if (!aCellAccessibles || !aNRowHeaderCells) + return E_INVALIDARG; + *aCellAccessibles = nullptr; *aNRowHeaderCells = 0; if (!mTableCell) @@ -177,6 +198,9 @@ ia2AccessibleTableCell::get_rowIndex(long* aRowIdx) { A11Y_TRYBLOCK_BEGIN + if (!aRowIdx) + return E_INVALIDARG; + *aRowIdx = -1; if (!mTableCell) return CO_E_OBJNOTCONNECTED; @@ -195,6 +219,9 @@ ia2AccessibleTableCell::get_rowColumnExtents(long* aRowIdx, long* aColIdx, { A11Y_TRYBLOCK_BEGIN + if (!aRowIdx || !aColIdx || !aRowExtents || !aColExtents || !aIsSelected) + return E_INVALIDARG; + *aRowIdx = *aColIdx = *aRowExtents = *aColExtents = 0; *aIsSelected = false; if (!mTableCell) @@ -216,6 +243,9 @@ ia2AccessibleTableCell::get_isSelected(boolean* aIsSelected) { A11Y_TRYBLOCK_BEGIN + if (!aIsSelected) + return E_INVALIDARG; + *aIsSelected = false; if (!mTableCell) return CO_E_OBJNOTCONNECTED; diff --git a/accessible/src/windows/ia2/ia2AccessibleText.cpp b/accessible/src/windows/ia2/ia2AccessibleText.cpp index 22ed756bdcd..3b9d9663dc1 100644 --- a/accessible/src/windows/ia2/ia2AccessibleText.cpp +++ b/accessible/src/windows/ia2/ia2AccessibleText.cpp @@ -76,6 +76,9 @@ ia2AccessibleText::get_caretOffset(long *aOffset) { A11Y_TRYBLOCK_BEGIN + if (!aOffset) + return E_INVALIDARG; + *aOffset = -1; HyperTextAccessible* textAcc = static_cast(this); @@ -101,6 +104,9 @@ ia2AccessibleText::get_characterExtents(long aOffset, { A11Y_TRYBLOCK_BEGIN + if (!aX || !aY || !aWidth || !aHeight) + return E_INVALIDARG; + *aX = 0; *aY = 0; *aWidth = 0; @@ -134,6 +140,9 @@ ia2AccessibleText::get_nSelections(long *aNSelections) { A11Y_TRYBLOCK_BEGIN + if (!aNSelections) + return E_INVALIDARG; + *aNSelections = 0; HyperTextAccessible* textAcc = static_cast(this); @@ -158,6 +167,9 @@ ia2AccessibleText::get_offsetAtPoint(long aX, long aY, { A11Y_TRYBLOCK_BEGIN + if (!aOffset) + return E_INVALIDARG; + *aOffset = 0; HyperTextAccessible* textAcc = static_cast(this); @@ -185,6 +197,9 @@ ia2AccessibleText::get_selection(long aSelectionIndex, long *aStartOffset, { A11Y_TRYBLOCK_BEGIN + if (!aStartOffset || !aEndOffset) + return E_INVALIDARG; + *aStartOffset = 0; *aEndOffset = 0; @@ -210,6 +225,9 @@ ia2AccessibleText::get_text(long aStartOffset, long aEndOffset, BSTR *aText) { A11Y_TRYBLOCK_BEGIN + if (!aText) + return E_INVALIDARG; + *aText = nullptr; HyperTextAccessible* textAcc = static_cast(this); @@ -238,6 +256,9 @@ ia2AccessibleText::get_textBeforeOffset(long aOffset, { A11Y_TRYBLOCK_BEGIN + if (!aStartOffset || !aEndOffset || !aText) + return E_INVALIDARG; + *aStartOffset = 0; *aEndOffset = 0; *aText = nullptr; @@ -285,6 +306,9 @@ ia2AccessibleText::get_textAfterOffset(long aOffset, { A11Y_TRYBLOCK_BEGIN + if (!aStartOffset || !aEndOffset || !aText) + return E_INVALIDARG; + *aStartOffset = 0; *aEndOffset = 0; *aText = nullptr; @@ -332,6 +356,9 @@ ia2AccessibleText::get_textAtOffset(long aOffset, { A11Y_TRYBLOCK_BEGIN + if (!aStartOffset || !aEndOffset || !aText) + return E_INVALIDARG; + *aStartOffset = 0; *aEndOffset = 0; *aText = nullptr; @@ -423,6 +450,9 @@ ia2AccessibleText::get_nCharacters(long *aNCharacters) { A11Y_TRYBLOCK_BEGIN + if (!aNCharacters) + return E_INVALIDARG; + *aNCharacters = 0; HyperTextAccessible* textAcc = static_cast(this); @@ -499,6 +529,9 @@ HRESULT ia2AccessibleText::GetModifiedText(bool aGetInsertedText, IA2TextSegment *aText) { + if (!aText) + return E_INVALIDARG; + uint32_t startOffset = 0, endOffset = 0; nsAutoString text; diff --git a/accessible/src/windows/ia2/ia2AccessibleValue.cpp b/accessible/src/windows/ia2/ia2AccessibleValue.cpp index d9c13b53317..7634ad9aa0a 100644 --- a/accessible/src/windows/ia2/ia2AccessibleValue.cpp +++ b/accessible/src/windows/ia2/ia2AccessibleValue.cpp @@ -20,6 +20,9 @@ using namespace mozilla::a11y; STDMETHODIMP ia2AccessibleValue::QueryInterface(REFIID iid, void** ppv) { + if (!ppv) + return E_INVALIDARG; + *ppv = nullptr; if (IID_IAccessibleValue == iid) { @@ -43,6 +46,9 @@ ia2AccessibleValue::get_currentValue(VARIANT* aCurrentValue) { A11Y_TRYBLOCK_BEGIN + if (!aCurrentValue) + return E_INVALIDARG; + VariantInit(aCurrentValue); AccessibleWrap* valueAcc = static_cast(this); @@ -84,6 +90,9 @@ ia2AccessibleValue::get_maximumValue(VARIANT* aMaximumValue) { A11Y_TRYBLOCK_BEGIN + if (!aMaximumValue) + return E_INVALIDARG; + VariantInit(aMaximumValue); AccessibleWrap* valueAcc = static_cast(this); @@ -107,6 +116,9 @@ ia2AccessibleValue::get_minimumValue(VARIANT* aMinimumValue) { A11Y_TRYBLOCK_BEGIN + if (!aMinimumValue) + return E_INVALIDARG; + VariantInit(aMinimumValue); AccessibleWrap* valueAcc = static_cast(this); diff --git a/accessible/src/windows/msaa/AccessibleWrap.cpp b/accessible/src/windows/msaa/AccessibleWrap.cpp index a7c45ab5125..e220b030554 100644 --- a/accessible/src/windows/msaa/AccessibleWrap.cpp +++ b/accessible/src/windows/msaa/AccessibleWrap.cpp @@ -78,6 +78,9 @@ AccessibleWrap::QueryInterface(REFIID iid, void** ppv) { A11Y_TRYBLOCK_BEGIN + if (!ppv) + return E_INVALIDARG; + *ppv = nullptr; if (IID_IUnknown == iid || IID_IDispatch == iid || IID_IAccessible == iid) @@ -135,6 +138,9 @@ AccessibleWrap::get_accParent( IDispatch __RPC_FAR *__RPC_FAR *ppdispParent) { A11Y_TRYBLOCK_BEGIN + if (!ppdispParent) + return E_INVALIDARG; + *ppdispParent = nullptr; if (IsDefunct()) @@ -195,6 +201,9 @@ AccessibleWrap::get_accChild( { A11Y_TRYBLOCK_BEGIN + if (!ppdispChild) + return E_INVALIDARG; + *ppdispChild = nullptr; if (IsDefunct()) return CO_E_OBJNOTCONNECTED; @@ -224,6 +233,9 @@ AccessibleWrap::get_accName( { A11Y_TRYBLOCK_BEGIN + if (!pszName) + return E_INVALIDARG; + *pszName = nullptr; if (IsDefunct()) @@ -261,6 +273,9 @@ AccessibleWrap::get_accValue( { A11Y_TRYBLOCK_BEGIN + if (!pszValue) + return E_INVALIDARG; + *pszValue = nullptr; if (IsDefunct()) @@ -299,6 +314,9 @@ AccessibleWrap::get_accDescription(VARIANT varChild, { A11Y_TRYBLOCK_BEGIN + if (!pszDescription) + return E_INVALIDARG; + *pszDescription = nullptr; if (IsDefunct()) @@ -328,6 +346,9 @@ AccessibleWrap::get_accRole( { A11Y_TRYBLOCK_BEGIN + if (!pvarRole) + return E_INVALIDARG; + VariantInit(pvarRole); if (IsDefunct()) @@ -423,6 +444,9 @@ AccessibleWrap::get_accState( { A11Y_TRYBLOCK_BEGIN + if (!pvarState) + return E_INVALIDARG; + VariantInit(pvarState); pvarState->vt = VT_I4; pvarState->lVal = 0; @@ -461,6 +485,9 @@ AccessibleWrap::get_accHelp( { A11Y_TRYBLOCK_BEGIN + if (!pszHelp) + return E_INVALIDARG; + *pszHelp = nullptr; return S_FALSE; @@ -475,6 +502,9 @@ AccessibleWrap::get_accHelpTopic( { A11Y_TRYBLOCK_BEGIN + if (!pszHelpFile || !pidTopic) + return E_INVALIDARG; + *pszHelpFile = nullptr; *pidTopic = 0; return S_FALSE; @@ -523,6 +553,11 @@ AccessibleWrap::get_accFocus( { A11Y_TRYBLOCK_BEGIN + if (!pvarChild) + return E_INVALIDARG; + + VariantInit(pvarChild); + // VT_EMPTY: None. This object does not have the keyboard focus itself // and does not contain a child that has the keyboard focus. // VT_I4: lVal is CHILDID_SELF. The object itself has the keyboard focus. @@ -532,8 +567,6 @@ AccessibleWrap::get_accFocus( if (IsDefunct()) return CO_E_OBJNOTCONNECTED; - VariantInit(pvarChild); - // Return the current IAccessible child that has focus Accessible* focusedAccessible = FocusedChild(); if (focusedAccessible == this) { @@ -692,6 +725,9 @@ AccessibleWrap::get_accSelection(VARIANT __RPC_FAR *pvarChildren) { A11Y_TRYBLOCK_BEGIN + if (!pvarChildren) + return E_INVALIDARG; + VariantInit(pvarChildren); pvarChildren->vt = VT_EMPTY; @@ -724,6 +760,9 @@ AccessibleWrap::get_accDefaultAction( { A11Y_TRYBLOCK_BEGIN + if (!pszDefaultAction) + return E_INVALIDARG; + *pszDefaultAction = nullptr; if (IsDefunct()) @@ -800,6 +839,14 @@ AccessibleWrap::accLocation( { A11Y_TRYBLOCK_BEGIN + if (!pxLeft || !pyTop || !pcxWidth || !pcyHeight) + return E_INVALIDARG; + + *pxLeft = 0; + *pyTop = 0; + *pcxWidth = 0; + *pcyHeight = 0; + if (IsDefunct()) return CO_E_OBJNOTCONNECTED; @@ -834,6 +881,8 @@ AccessibleWrap::accNavigate( if (!pvarEndUpAt) return E_INVALIDARG; + VariantInit(pvarEndUpAt); + if (IsDefunct()) return CO_E_OBJNOTCONNECTED; @@ -844,8 +893,6 @@ AccessibleWrap::accNavigate( if (accessible->IsDefunct()) return CO_E_OBJNOTCONNECTED; - VariantInit(pvarEndUpAt); - Accessible* navAccessible = nullptr; int32_t xpRelation = -1; @@ -952,6 +999,9 @@ AccessibleWrap::accHitTest( { A11Y_TRYBLOCK_BEGIN + if (!pvarChild) + return E_INVALIDARG; + VariantInit(pvarChild); if (IsDefunct()) @@ -1113,6 +1163,9 @@ AccessibleWrap::role(long *aRole) { A11Y_TRYBLOCK_BEGIN + if (!aRole) + return E_INVALIDARG; + *aRole = 0; if (IsDefunct()) @@ -1186,6 +1239,13 @@ AccessibleWrap::get_groupPosition(long *aGroupLevel, { A11Y_TRYBLOCK_BEGIN + if (!aGroupLevel || !aSimilarItemsInGroup || !aPositionInGroup) + return E_INVALIDARG; + + *aGroupLevel = 0; + *aSimilarItemsInGroup = 0; + *aPositionInGroup = 0; + if (IsDefunct()) return CO_E_OBJNOTCONNECTED; @@ -1211,6 +1271,9 @@ AccessibleWrap::get_states(AccessibleStates *aStates) { A11Y_TRYBLOCK_BEGIN + if (!aStates) + return E_INVALIDARG; + *aStates = 0; // XXX: bug 344674 should come with better approach that we have here. @@ -1269,6 +1332,9 @@ AccessibleWrap::get_extendedRole(BSTR *aExtendedRole) { A11Y_TRYBLOCK_BEGIN + if (!aExtendedRole) + return E_INVALIDARG; + *aExtendedRole = nullptr; return E_NOTIMPL; @@ -1280,6 +1346,9 @@ AccessibleWrap::get_localizedExtendedRole(BSTR *aLocalizedExtendedRole) { A11Y_TRYBLOCK_BEGIN + if (!aLocalizedExtendedRole) + return E_INVALIDARG; + *aLocalizedExtendedRole = nullptr; return E_NOTIMPL; @@ -1291,6 +1360,9 @@ AccessibleWrap::get_nExtendedStates(long *aNExtendedStates) { A11Y_TRYBLOCK_BEGIN + if (!aNExtendedStates) + return E_INVALIDARG; + *aNExtendedStates = 0; return E_NOTIMPL; @@ -1304,6 +1376,9 @@ AccessibleWrap::get_extendedStates(long aMaxExtendedStates, { A11Y_TRYBLOCK_BEGIN + if (!aExtendedStates || !aNExtendedStates) + return E_INVALIDARG; + *aExtendedStates = nullptr; *aNExtendedStates = 0; return E_NOTIMPL; @@ -1318,6 +1393,9 @@ AccessibleWrap::get_localizedExtendedStates(long aMaxLocalizedExtendedStates, { A11Y_TRYBLOCK_BEGIN + if (!aLocalizedExtendedStates || !aNLocalizedExtendedStates) + return E_INVALIDARG; + *aLocalizedExtendedStates = nullptr; *aNLocalizedExtendedStates = 0; return E_NOTIMPL; @@ -1330,6 +1408,9 @@ AccessibleWrap::get_uniqueID(long *uniqueID) { A11Y_TRYBLOCK_BEGIN + if (!uniqueID) + return E_INVALIDARG; + *uniqueID = - reinterpret_cast(UniqueID()); return S_OK; @@ -1341,6 +1422,9 @@ AccessibleWrap::get_windowHandle(HWND *aWindowHandle) { A11Y_TRYBLOCK_BEGIN + if (!aWindowHandle) + return E_INVALIDARG; + *aWindowHandle = 0; if (IsDefunct()) @@ -1378,6 +1462,9 @@ AccessibleWrap::get_locale(IA2Locale *aLocale) { A11Y_TRYBLOCK_BEGIN + if (!aLocale) + return E_INVALIDARG; + // Language codes consist of a primary code and a possibly empty series of // subcodes: language-code = primary-code ( "-" subcode )* // Two-letter primary codes are reserved for [ISO639] language abbreviations. @@ -1425,6 +1512,9 @@ AccessibleWrap::get_attributes(BSTR *aAttributes) { A11Y_TRYBLOCK_BEGIN + if (!aAttributes) + return E_INVALIDARG; + // The format is name:value;name:value; with \ for escaping these // characters ":;=,\". *aAttributes = nullptr; @@ -1444,6 +1534,9 @@ AccessibleWrap::get_attributes(BSTR *aAttributes) STDMETHODIMP AccessibleWrap::GetTypeInfoCount(UINT *pctinfo) { + if (!pctinfo) + return E_INVALIDARG; + *pctinfo = 1; return S_OK; } @@ -1451,6 +1544,9 @@ AccessibleWrap::GetTypeInfoCount(UINT *pctinfo) STDMETHODIMP AccessibleWrap::GetTypeInfo(UINT iTInfo, LCID lcid, ITypeInfo **ppTInfo) { + if (!ppTInfo) + return E_INVALIDARG; + *ppTInfo = nullptr; if (iTInfo != 0) diff --git a/accessible/src/windows/msaa/ApplicationAccessibleWrap.cpp b/accessible/src/windows/msaa/ApplicationAccessibleWrap.cpp index b2c57f509dc..89690af337b 100644 --- a/accessible/src/windows/msaa/ApplicationAccessibleWrap.cpp +++ b/accessible/src/windows/msaa/ApplicationAccessibleWrap.cpp @@ -48,6 +48,9 @@ ApplicationAccessibleWrap::NativeAttributes() STDMETHODIMP ApplicationAccessibleWrap::QueryInterface(REFIID iid, void** ppv) { + if (!ppv) + return E_INVALIDARG; + *ppv = nullptr; if (IID_IAccessibleApplication == iid) { @@ -67,6 +70,9 @@ ApplicationAccessibleWrap::get_appName(BSTR* aName) { A11Y_TRYBLOCK_BEGIN + if (!aName) + return E_INVALIDARG; + *aName = nullptr; if (IsDefunct()) @@ -91,6 +97,9 @@ ApplicationAccessibleWrap::get_appVersion(BSTR* aVersion) { A11Y_TRYBLOCK_BEGIN + if (!aVersion) + return E_INVALIDARG; + *aVersion = nullptr; if (IsDefunct()) @@ -115,6 +124,9 @@ ApplicationAccessibleWrap::get_toolkitName(BSTR* aName) { A11Y_TRYBLOCK_BEGIN + if (!aName) + return E_INVALIDARG; + if (IsDefunct()) return CO_E_OBJNOTCONNECTED; @@ -137,6 +149,9 @@ ApplicationAccessibleWrap::get_toolkitVersion(BSTR* aVersion) { A11Y_TRYBLOCK_BEGIN + if (!aVersion) + return E_INVALIDARG; + *aVersion = nullptr; if (IsDefunct()) diff --git a/accessible/src/windows/msaa/DocAccessibleWrap.cpp b/accessible/src/windows/msaa/DocAccessibleWrap.cpp index 9539a78dbe5..cd366d3a6cc 100644 --- a/accessible/src/windows/msaa/DocAccessibleWrap.cpp +++ b/accessible/src/windows/msaa/DocAccessibleWrap.cpp @@ -64,6 +64,9 @@ STDMETHODIMP_(ULONG) DocAccessibleWrap::Release() STDMETHODIMP DocAccessibleWrap::QueryInterface(REFIID iid, void** ppv) { + if (!ppv) + return E_INVALIDARG; + *ppv = nullptr; if (IID_ISimpleDOMDocument != iid) @@ -80,6 +83,9 @@ DocAccessibleWrap::get_URL(/* [out] */ BSTR __RPC_FAR *aURL) { A11Y_TRYBLOCK_BEGIN + if (!aURL) + return E_INVALIDARG; + *aURL = nullptr; nsAutoString URL; @@ -101,6 +107,9 @@ DocAccessibleWrap::get_title( /* [out] */ BSTR __RPC_FAR *aTitle) { A11Y_TRYBLOCK_BEGIN + if (!aTitle) + return E_INVALIDARG; + *aTitle = nullptr; nsAutoString title; @@ -119,6 +128,9 @@ DocAccessibleWrap::get_mimeType(/* [out] */ BSTR __RPC_FAR *aMimeType) { A11Y_TRYBLOCK_BEGIN + if (!aMimeType) + return E_INVALIDARG; + *aMimeType = nullptr; nsAutoString mimeType; @@ -140,6 +152,9 @@ DocAccessibleWrap::get_docType(/* [out] */ BSTR __RPC_FAR *aDocType) { A11Y_TRYBLOCK_BEGIN + if (!aDocType) + return E_INVALIDARG; + *aDocType = nullptr; nsAutoString docType; @@ -162,6 +177,9 @@ DocAccessibleWrap::get_nameSpaceURIForID(/* [in] */ short aNameSpaceID, { A11Y_TRYBLOCK_BEGIN + if (!aNameSpaceURI) + return E_INVALIDARG; + *aNameSpaceURI = nullptr; if (aNameSpaceID < 0) @@ -188,6 +206,9 @@ DocAccessibleWrap::put_alternateViewMediaTypes( /* [in] */ BSTR __RPC_FAR *aComm { A11Y_TRYBLOCK_BEGIN + if (!aCommaSeparatedMediaTypes) + return E_INVALIDARG; + *aCommaSeparatedMediaTypes = nullptr; return E_NOTIMPL; @@ -199,6 +220,9 @@ DocAccessibleWrap::get_accValue( /* [optional][in] */ VARIANT varChild, /* [retval][out] */ BSTR __RPC_FAR *pszValue) { + if (!pszValue) + return E_INVALIDARG; + // For backwards-compat, we still support old MSAA hack to provide URL in accValue *pszValue = nullptr; // Check for real value first