[PATCH] Exception c0000005 opening JPEG files in FoxPro

Sergio López koro at menteslibres.org
Wed Apr 28 20:26:34 CDT 2004 

Hello,

When Visual FoxPro (tested with versions 6 and 7, wine-20040408) tries
to open a JPEG file, it crash showing a c0000005 exception. The
backtrace of winedbg shows the following API calls:

  0 0x407c0e1d (CURSORICON_SimulateLoadingFromResourceW+0x8d(filename=0x403e63b0, fCursor=0x1, res=0x4074a208, ptr=0x4074a20c) [cursoricon.c:512] in USER32.DLL) (ebp=4074a1d0)
  1 0x407c1d0d (CURSORICON_Load+0x28d(hInstance=0x0, name=0x403e63b0, width=0x20, height=0x20, colors=0x1, fCursor=0x1, loadflags=0x50) [cursoricon.c:799] in USER32.DLL) (ebp=4074a21c)
  2 0x407c4ba0 (LoadImageW+0xb0(hinst=0x0, name=0x403e63b0, type=0x2, desiredx=0x20, desiredy=0x20, loadflags=0x50) [cursoricon.c:2133] in USER32.DLL) (ebp=4074a258)
  3 0x407c4a8f (LoadImageA+0x14f(hinst=0x0, name=0x4074a370, type=0x2, desiredx=0x0, desiredy=0x0, loadflags=0x50) [cursoricon.c:2074] in USER32.DLL) (ebp=4074a334)
  4 0x407c39b5 (LoadCursorFromFileA+0x45(name=0x4074a370) [cursoricon.c:1649] in USER32.DLL) (ebp=4074a358)
  5 0x0053b8c5 (vfp7.exe.EntryPoint+0x13a8c5 in vfp7.exe) (ebp=4074a5e8)
  6 0x00490d4b (vfp7.exe.EntryPoint+0x8fd4b in vfp7.exe) (ebp=4074a78c)
  7 0x004abd03 (vfp7.exe.EntryPoint+0xaad03 in vfp7.exe) (ebp=4074a928)
  8 0x00436a8d (vfp7.exe.EntryPoint+0x35a8d in vfp7.exe) (ebp=0000002b)

The last function (CURSORICON_Simulate...) has a bug that makes the
exception when the opened file isn't in RIFF format. Returning with fail
when the file is in other format avoids the exception, and Visual FoxPro
continue the execution loading correctly the image.

Best regards,

--
Sergio López
koro at menteslibres.org

-------------- next part --------------
--- cursoricon.c.orig	2004-04-29 03:13:11.000000000 +0200
+++ cursoricon.c	2004-04-29 03:13:33.000000000 +0200
@@ -504,6 +504,9 @@
         if (pos>=(LPBYTE)bits+766) goto fail;
       }
     }
+    else
+	goto fail;
+
     if (!(entries = bits->idCount)) goto fail;
     size = sizeof(CURSORICONDIR) + sizeof(CURSORICONDIRENTRY) * (entries - 1);
     _free = (LPBYTE) size;

More information about the wine-devel mailing list