PATCH: GlobalAddAtomA check for invalid ptr
Marcus Meissner
marcus at jet.franken.de
Thu Aug 11 01:58:04 CDT 2005
On Tue, Aug 09, 2005 at 12:13:22PM +0300, Saulius Krasuckas wrote:
> * On Tue, 9 Aug 2005, Marcus Meissner wrote:
> >
> > The Ikea kitchen planner passed 0xcccccccc for some reason and works
> > much better after this patch.
>
> It if uninitialized memory in a case of MSVC and MSVCRTD, I guess.
> BUUUUG in the app. :-)
(...RegisterClassExA calls GlobalAddAtomA...)
I had a look at the disassembly and yes, the program is buggy.
It has a function which goes like this:
func() {
WNDCLASSA wca;
WNDCLASSEXA wcexa;
/* inserted by compiler most likely */
memset(localstackspace, 0xCC, sizeoflocalstackspace);
... initialize fields of wca ...
wcexa.cbSize = sizeof(wcexa);
wcexa.hIconSm = LoadIconA(...);
RegisterClassA(&wca);
RegisterClassExA(&wcexa);
...
}
So wondering why it does not initialize anything of WNDCLASSEXA except cbSize and
hIconSm ...
I think something in the function assumes that wca and wcexa overlap (since WNDCLASSEXA
has this layout:
UINT cbSize;
WNDCLASSA wndclassastuff;
HICON hIconSm;
I really would like to see the sourcecode of this one and how it is broken. ;)
(Programmers of IKEA Kitchen Planner ... Please read.)
So ... now we can:
- fix this program by contacting the developers etc... which is difficult.
- fix WINE by adding a check.
I can only fix WINE.
Ciao, Marcus
Index: dlls/kernel/atom.c
===================================================================
RCS file: /home/wine/wine/dlls/kernel/atom.c,v
retrieving revision 1.8
diff -u -r1.8 atom.c
--- dlls/kernel/atom.c 10 May 2005 15:15:50 -0000 1.8
+++ dlls/kernel/atom.c 9 Aug 2005 06:55:47 -0000
@@ -183,6 +183,10 @@
*/
ATOM WINAPI GlobalAddAtomA( LPCSTR str /* [in] String to add */ )
{
+ if (HIWORD(str) && IsBadStringPtrA(str, MAX_ATOM_LEN)) {
+ SetLastError( ERROR_INVALID_PARAMETER );
+ return 0;
+ }
return ATOM_AddAtomA( str, NULL );
}
More information about the wine-devel
mailing list