user32: Avoid crashing if we can't alloc text buffer

Bruno Jesus 00cpxxx at gmail.com
Sat Dec 3 07:58:07 CST 2011


On Sat, Dec 3, 2011 at 05:55, Nikolay Sivov <bunglehead at gmail.com> wrote:
> On 12/3/2011 04:35, Bruno Jesus wrote:
>
>> If LocalLock fails the buffer is not allocated and get_text_length, which
>> is used in several different places, will make wine crash.
>
> LocalLock doesn't allocate anything. You need to figure out why buffer is
> not allocated at this point.

Thanks for your feedback. I'll try to explain what I did expecting a
hint about what to do next =)

In the file user32/edit.c I added the following in the function EDIT_LockBuffer:
                es->text = LocalLock(es->hloc32W);
                if(!es->text)
                    WARN("es->text is NULL - Will crash later (%d > %d+1)\n",
                         countW_new,es->buffer_size);

After running the application these are the last lines from running
with +user32:

trace:edit:EDIT_UnlockBuffer Synchronizing with 32-bit ANSI buffer
trace:edit:EDIT_UnlockBuffer 1 WCHARs translated to 1 bytes
trace:edit:EDIT_UnlockBuffer Resizing 32-bit ANSI buffer from 0 to 32 bytes
trace:edit:EDIT_UnlockBuffer Real new size 32 bytes
warn:edit:EDIT_LockBuffer es->text is NULL - Will crash later (0 > -1+1)
wine: Unhandled page fault on read access to 0x00000000 at address 0x7ed12051 (thread 0025), starting debugger...

If you see edit.c you will notice its condition was false, so the
buffer was not alloc'ed, as you can see by the printed message from my
debug above (countW_new, es->buffer_size):
                if(countW_new > es->buffer_size + 1)

I have added the full log to the bug
http://bugs.winehq.org/attachment.cgi?id=37766

Best wishes,
Bruno
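Added illustration of the allocation path discussed in this thread (not code from the mail or from Wine): a reduced C model of EDIT_LockBuffer whose grow check mirrors the edit.c condition quoted above, with a NULL guard in get_text_length of the kind the subject line asks for. It assumes buffer_size is unsigned, that the "not yet allocated" state is buffer_size == (unsigned)-1 with a NULL handle, and replaces LocalAlloc/LocalLock with realloc so it runs outside Windows.

```c
/* Model of EDIT_LockBuffer's grow-and-lock path. Assumptions (not from
 * the mail): buffer_size is unsigned, an unallocated control has
 * buffer_size == (unsigned)-1 and hloc32W == NULL, and malloc stands in
 * for LocalAlloc/LocalLock. */
#include <stdio.h>
#include <stdlib.h>
#include <wchar.h>

typedef struct {
    unsigned buffer_size;   /* capacity in WCHARs, excluding terminator */
    wchar_t *hloc32W;       /* stands in for the LocalAlloc handle */
    wchar_t *text;          /* stands in for the LocalLock pointer */
} EDITSTATE;

/* Returns 1 when es->text is usable afterwards, 0 when it stays NULL. */
int edit_lock_buffer(EDITSTATE *es, unsigned countW_new)
{
    /* The check from edit.c: with buffer_size == (unsigned)-1 the sum
     * wraps to 0, so 0 > 0 is false and no buffer is ever allocated. */
    if (countW_new > es->buffer_size + 1) {
        int fresh = (es->hloc32W == NULL);
        wchar_t *p = realloc(es->hloc32W, (countW_new + 1) * sizeof(wchar_t));
        if (!p) return 0;
        if (fresh) p[0] = L'\0';            /* new buffer holds empty text */
        es->hloc32W = p;
        es->buffer_size = countW_new;
    }
    es->text = es->hloc32W;                  /* LocalLock(NULL) yields NULL */
    if (!es->text) {
        /* Same format as the WARN in the mail; prints "(0 > -1+1)" */
        fprintf(stderr, "warn: es->text is NULL (%d > %d+1)\n",
                (int)countW_new, (int)es->buffer_size);
        return 0;
    }
    return 1;
}

/* get_text_length with the NULL guard that avoids the page fault. */
size_t get_text_length(const EDITSTATE *es)
{
    return es->text ? wcslen(es->text) : 0;
}

int main(void)
{
    EDITSTATE es = { (unsigned)-1, NULL, NULL };   /* state seen in the log */
    printf("locked=%d length=%zu\n", edit_lock_buffer(&es, 0), get_text_length(&es));
    return 0;
}
```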
