[Bug 22514] lstrlen is implemented incorrectly (dlls/kernel32/string.c)
wine-bugs at winehq.org
wine-bugs at winehq.org
Thu Apr 29 04:47:44 CDT 2010
http://bugs.winehq.org/show_bug.cgi?id=22514
--- Comment #15 from Timur Iskhodzhanov <timurrrr at google.com> 2010-04-29 04:47:43 ---
Created an attachment (id=27610)
--> (http://bugs.winehq.org/attachment.cgi?id=27610)
A simple test that shows lstrlen(0) is handled differently to lstrlen(1)
Lei, the test you've proposed is perfectly fine for me.
However, I still disagree about the lstrlen implementation :-)
What I'm trying to say is NULL argument is documented as "OK" in MSDN
http://msdn.microsoft.com/en-us/library/ms647492(VS.85).aspx ->
"lstrlen assumes that lpString is a null-terminated string, or NULL. If it is
not, this could lead to a buffer overrun or a denial of service attack against
your application."
Looks like it doesn't really read from *NULL when run natively:
I've added a call to lstrlenW(1) and ran the program under DrMemory (it's a win
tool similar to Valgrind)
>>>>>>>>>>>>>>>>>>>>>>
$ cl wine.c && wine.exe
5: GetLastError() = 0
7: lstrlenW(NULL) = 0
8: GetLastError() = 0
10: lstrlenW(1) = 0
11: GetLastError() = 0
13: lstrlenA(NULL) = 0
14: GetLastError() = 0
$ drmemory.exe wine.exe
5: GetLastError() = 0
7: lstrlenW(NULL) = 0
8: GetLastError() = 0
10: lstrlenW(1) = 0
11: GetLastError() = 0
13: lstrlenA(NULL) = 0
14: GetLastError() = 0
(from logdir/global.XXX.log)
Error #1: UNADDRESSABLE ACCESS: reading 0x00000001-0x00000003 2 byte(s) within
0x00000001-0x00000003
@0:00:00.609 in thread 472
0x7c90fe60 <ntdll.dll+0xfe60>
0x7c809acc <KERNEL32.dll+0x9acc>
0x0040106f <wine.exe+0x106f>
0x0040175c <wine.exe+0x175c>
0x7c817077 <KERNEL32.dll+0x17077>
<<<<<<<<<<<<<<<<<<<<
Also, DrMemory barks if I do strlen(NULL) inside
__try/__except(GetExceptionCode() == EXCEPTION_ACCESS_VIOLATION) section.
It doesn't bark on lstrlenW(0).
That's why I want to add
"if (str == NULL) return 0;"
BEFORE the __try statement.
===================
> And yes, some applications expect an exception when they call lstrlen(NULL),
> and do handle that on their own.
Dmitry, can you please give an example?
--
Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email
Do not reply to this email, post in Bugzilla using the
above URL to reply.
------- You are receiving this mail because: -------
You are watching all bug changes.
More information about the wine-bugs
mailing list