[PATCH] ntdll: fixed bsearch with 0 elements

Marcus Meissner marcus at jet.franken.de
Sun May 23 12:33:34 CDT 2010


Hi,

http://bugs.winehq.org/show_bug.cgi?id=22837

The program calls bsearch with 0 elements and an invalid
pointer. Due to faulty logic we did one compare and crashed in it.

Fixed thusly, testcases added.

Ciao, Marcus
---
 dlls/ntdll/misc.c         |    2 ++
 dlls/ntdll/tests/string.c |    5 +++++
 2 files changed, 7 insertions(+), 0 deletions(-)

diff --git a/dlls/ntdll/misc.c b/dlls/ntdll/misc.c
index eedef65..9963354 100644
--- a/dlls/ntdll/misc.c
+++ b/dlls/ntdll/misc.c
@@ -304,6 +304,8 @@ NTDLL_bsearch( const void *key, const void *base, size_t nmemb,
 {
     int begin, end, cursor;
 
+    if (!nmemb)
+         return NULL;
     begin = 0;
     end = nmemb-1;
     while (1) {
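Review bot: The new guard in NTDLL_bsearch handles nmemb == 0, but the line right after it, `end = nmemb-1;`, still assigns a size_t expression to an int, so an element count that does not fit in an int would again give a wrong or negative `end`. That is outside the reported bug, but it has the same cause as the zero case (the upper bound computed in a signed int from an unsigned count), so it is worth either a follow-up or a short comment stating the supported range. Style: `return NULL;` is indented nine spaces under the `if`; eight would match the four-space steps used in the rest of the function, and a blank line after the guard would separate it from the `begin`/`end` setup.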
diff --git a/dlls/ntdll/tests/string.c b/dlls/ntdll/tests/string.c
index cd362ed..c30869b 100644
--- a/dlls/ntdll/tests/string.c
+++ b/dlls/ntdll/tests/string.c
@@ -1201,6 +1201,11 @@ static void test_bsearch(void)
     int arr[7] = { 1, 3, 4, 8, 16, 23, 42 };
     int *x, l, i,j ;
 
+    l =42;
+    ok(NULL == p_bsearch (&l, arr, 0, sizeof(arr[0]), intcomparefunc), "failed 0 element search to return NULL\n");
+    l =42;
+    ok(NULL == p_bsearch (&l, NULL, 0, sizeof(arr[0]), intcomparefunc), "failed 0 element with array PTR NULL to return NULL\n");
+
     /* just try all all sizes */
     for (j=1;j<sizeof(arr)/sizeof(arr[0]);j++) {
         for (i=0;i<j;i++) {
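Review bot: Both new checks in test_bsearch only assert on the return value, so they do not show that the comparator is never called for a zero-element search, which is the behaviour the fix is about. In the `arr, 0` case a stray call to intcomparefunc would read a valid array and could go unnoticed, and in the `NULL, 0` case it would crash the test run rather than report a failure. A comparator that increments a counter, with an `ok(count == 0, ...)` after each call, would pin this down. Minor: the second `l =42;` is redundant because `l` is not modified between the two calls, and `l =42` should be spaced as `l = 42`.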
-- 
1.5.6


