[Bug 33961] New: RPC: server crashes during procedure call that return variable size array as out parameter
wine-bugs at winehq.org
wine-bugs at winehq.org
Fri Jul 5 10:43:47 CDT 2013
http://bugs.winehq.org/show_bug.cgi?id=33961
Bug #: 33961
Summary: RPC: server crashes during procedure call that return
variable size array as out parameter
Product: Wine
Version: 1.6-rc2
Platform: x86
OS/Version: Linux
Status: UNCONFIRMED
Severity: normal
Priority: P2
Component: rpc
AssignedTo: wine-bugs at winehq.org
ReportedBy: to_egor at hotmail.com
Classification: Unclassified
RPC server implements an interface that has the following function prototype:
void GetPersons( [out] unsigned long *persons_size,
[out, size_is(,*persons_size)] Person_info_t **persons);
When a function of mentioned prototype is called application crashes when Wine
freeing its internal data used for marshalling.
The core of the bug is because of Wine frees memory used for persons_size
whereas persons_size must be alive and available at the moment of freeing
persons.
--
Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email
Do not reply to this email, post in Bugzilla using the
above URL to reply.
------- You are receiving this mail because: -------
You are watching all bug changes.
More information about the wine-bugs
mailing list