Don't trust cbSize
Uwe Bonnes
bon at elektron.ikp.physik.tu-darmstadt.de
Wed Mar 2 10:57:00 CST 2005
Changelog:
dlls/ntdll/heap.c: RtlHeapWalk()
Don't trust the cbSize input parameter
The MS CRT implementation of _heapwalk doesn't explicitly set cbSize. This
may result in a bogus value for cbSize.
--
Uwe Bonnes bon at elektron.ikp.physik.tu-darmstadt.de
Institut fuer Kernphysik Schlossgartenstrasse 9 64289 Darmstadt
--------- Tel. 06151 162516 -------- Fax. 06151 164321 ----------
Index: wine/dlls/ntdll/heap.c
===================================================================
RCS file: /home/wine/wine/dlls/ntdll/heap.c,v
retrieving revision 1.33
diff -u -w -r1.33 heap.c
--- wine/dlls/ntdll/heap.c 25 Feb 2005 14:07:57 -0000 1.33
+++ wine/dlls/ntdll/heap.c 2 Mar 2005 16:49:02 -0000
@@ -1503,6 +1503,7 @@
}
else
{
+ ARENA_INUSE *pArena;
ptr = entry->lpData;
sub = &heapPtr->subheap;
while (sub)
@@ -1522,7 +1523,11 @@
ret = STATUS_NO_MORE_ENTRIES;
goto HW_end;
}
-
+ /* Native MSVCRT _heapwalk() doesn't set cbData */
+ pArena = (ARENA_INUSE *)ptr -1;
+ if (pArena->magic == ARENA_INUSE_MAGIC)
+ ptr += pArena->size & ARENA_SIZE_MASK; /* point to next arena */
+ else
ptr += entry->cbData; /* point to next arena */
if (ptr > (char *)currentheap + currentheap->size - 1)
{ /* proceed with next subheap */
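Review bot: the else branch still advances `ptr` by the caller-supplied `entry->cbData`, which is exactly the value the changelog says cannot be trusted, so a bogus size still walks the pointer past the arena it should land on. When `pArena->magic != ARENA_INUSE_MAGIC` the walk has no trustworthy size to use; consider bailing out the way the lines just above this hunk do (`ret = STATUS_NO_MORE_ENTRIES; goto HW_end;`, or an invalid-parameter status) rather than falling back to `cbData`. Two smaller points on the same hunk: the new comment says `cbData` while the changelog says `cbSize`, so one of them should be renamed so that the fix describes the field it actually guards; and `(ARENA_INUSE *)ptr -1` reads the header immediately before `lpData` before any bounds check visible in this hunk (the `currentheap->size` check at the bottom runs only after advancing), so if the `while (sub)` loop above does not already confirm `lpData` lies inside a subheap, that dereference needs a guard. Style: write the cast as `(ARENA_INUSE *)ptr - 1`.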