<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body>
<br>
<br>
<div class="moz-cite-prefix">On 12/24/21 15:25, Bernhard wrote:<br>
</div>
<blockquote type="cite"
cite="mid:CAAWc_o+4om=TYVD4gg1tSVLTN=7bOMWZf-OQnkrW8T5-0-9FdA@mail.gmail.com">
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<div dir="auto">
<div>Thanks for your review, Nikolay,<br>
<br>
<div class="gmail_quote">
<div dir="ltr" class="gmail_attr">Nikolay Sivov <<a
href="mailto:nsivov@codeweavers.com" rel="noreferrer
noreferrer" target="_blank" moz-do-not-send="true"
class="moz-txt-link-freetext">nsivov@codeweavers.com</a>>
wrote on Fri., 24 Dec. 2021, 09:03:<br>
</div>
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex"><br>
<br>
On 12/24/21 01:48, Bernhard Kölbl wrote:<br>
> +#define HSTRING_REFERENCE_FLAG 1<br>
> +<br>
> struct hstring_private<br>
> {<br>
> - LPWSTR buffer;<br>
> + UINT32 flags;<br>
> UINT32 length;<br>
> - BOOL reference;<br>
> - LONG refcount;<br>
> + LONG refcount;<br>
> + LPWSTR ptr;<br>
> };<br>
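Review bot: the new layout puts flags first and replaces the BOOL reference field with HSTRING_REFERENCE_FLAG, but nothing in the hunk records which native layout it is meant to mirror; add a comment above struct hstring_private stating the intended ABI and a test that checks the field offsets, since callers that read flags and length directly will depend on it.<br>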
From what I can tell, this still doesn't match native
layout. It also <br>
might be slightly different for references.<br>
</blockquote>
</div>
</div>
<div dir="auto"><br>
</div>
<div dir="auto">Yes it actually doesn't match but I don't know
if it really matters in this case, because HSTRINGs seem to be
passed with this data only. E.g. in the provided bug, the
RoGetActivationFactory function takes a HSTRING as parameter,
but WinRT actually passes a HSTRING_HEADER.</div>
<div dir="auto">The first field in the HSTRING struct seems to
only point at this header struct. WinRT dereferences this
pointer when passing the String.</div>
</div>
</blockquote>
<br>
I don't follow. What do you mean by "WinRT passing a header" and
"WinRT dereferencing this pointer"? Where is this code?<br>
<br>
<blockquote type="cite"
cite="mid:CAAWc_o+4om=TYVD4gg1tSVLTN=7bOMWZf-OQnkrW8T5-0-9FdA@mail.gmail.com">
<div dir="auto">
<div dir="auto"><br>
</div>
<div dir="auto">
<div class="gmail_quote">
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">
<br>
> static BOOL alloc_string(UINT32 len, HSTRING *out)<br>
> {<br>
> struct hstring_private *priv;<br>
> - priv = HeapAlloc(GetProcessHeap(), 0,
sizeof(*priv) + (len + 1) * sizeof(*priv->buffer));<br>
> + priv = HeapAlloc(GetProcessHeap(), 0,
sizeof(*priv));<br>
> if (!priv)<br>
> return FALSE;<br>
> - priv->buffer = (LPWSTR)(priv + 1);<br>
> + priv->ptr =
(LPWSTR)HeapAlloc(GetProcessHeap(), 0, (len + 1) *
sizeof(*priv->ptr));<br>
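Review bot: nothing visible in the hunk checks the second HeapAlloc for priv->ptr, so if it returns NULL the already allocated priv is leaked and the function continues with an unusable buffer; either keep the single allocation with the buffer placed after the header ("priv->ptr = (LPWSTR)(priv + 1);"), or check the result and HeapFree(GetProcessHeap(), 0, priv) before returning FALSE.<br>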
I don't see this behaviour on Windows.<br>
</blockquote>
</div>
</div>
<div dir="auto"><br>
</div>
<div dir="auto">Could explain this one a bit more? (I'm not much
into how Windows libraries allocate memory.) Maybe I'm
overseeing a obvious mistake.</div>
</div>
</blockquote>
<br>
I don't think it's justified to have a separate allocation for the string
buffer.<br>
<br>
<blockquote type="cite"
cite="mid:CAAWc_o+4om=TYVD4gg1tSVLTN=7bOMWZf-OQnkrW8T5-0-9FdA@mail.gmail.com">
<div dir="auto">
<div dir="auto"><br>
</div>
<div dir="auto">
<div class="gmail_quote">
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">
<br>
But anyway, do you have any idea why an application would
care? Is it some <br>
statically linked code depending on it, or some native
module bundled or <br>
installed separately?<br>
</blockquote>
</div>
</div>
<div dir="auto"><br>
</div>
<div dir="auto">Well, the programs (also WinRT) from the
Wine-bug suffer from the same issue, which to me looks like is
caused by the misarranged struct, which I changed in this
patch. They try to dereference the flags + length field, which
causes a crash or invalid data to be read.</div>
<div dir="auto">I actually don't know why it worked in Wine
before. Maybe by luck? </div>
<div dir="auto">(Also: The code that arranges the HSTRING struct
members in memory this way, is compiled into the binary from
the WinRT headers)</div>
</div>
</blockquote>
<br>
Which headers in particular? I'd like to read through that; maybe we
can easily match it.<br>
<br>
<blockquote type="cite"
cite="mid:CAAWc_o+4om=TYVD4gg1tSVLTN=7bOMWZf-OQnkrW8T5-0-9FdA@mail.gmail.com">
<div dir="auto">
<div dir="auto"><br>
</div>
<div dir="auto">
<div class="gmail_quote">
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex"><br>
If the layout is stable across Windows releases, we'll
need tests for it.<br>
</blockquote>
</div>
</div>
<div dir="auto"><br>
</div>
<div dir="auto">I think test are the best solution for our open
questions. </div>
<div dir="auto"><br>
</div>
<div dir="auto">Happy holidays</div>
</div>
</blockquote>
<br>
</body>
</html>