[PATCH 2/4] oleaut32: Fix AddFuncDesc() to ignore scodes array length when NULL array pointer is passed
Nikolay Sivov
nsivov at codeweavers.com
Thu Aug 25 12:57:16 CDT 2016
Signed-off-by: Nikolay Sivov <nsivov at codeweavers.com>
---
dlls/oleaut32/tests/typelib.c | 2 ++
dlls/oleaut32/typelib.c | 6 ++++--
2 files changed, 6 insertions(+), 2 deletions(-)
diff --git a/dlls/oleaut32/tests/typelib.c b/dlls/oleaut32/tests/typelib.c
index 4f43cfe..3fdd245 100644
--- a/dlls/oleaut32/tests/typelib.c
+++ b/dlls/oleaut32/tests/typelib.c
@@ -2033,6 +2033,8 @@ static void test_CreateTypeLib(SYSKIND sys) {
funcdesc.lprgelemdescParam = NULL;
funcdesc.invkind = INVOKE_FUNC;
funcdesc.cParams = 0;
+ funcdesc.cScodes = 1;
+ funcdesc.lprgscode = NULL;
hres = ICreateTypeInfo_AddFuncDesc(createti, 1, &funcdesc);
ok(hres == S_OK, "got %08x\n", hres);
diff --git a/dlls/oleaut32/typelib.c b/dlls/oleaut32/typelib.c
index b0ee5f2..4fdfbeb 100644
--- a/dlls/oleaut32/typelib.c
+++ b/dlls/oleaut32/typelib.c
@@ -10431,11 +10431,13 @@ static HRESULT WINAPI ICreateTypeInfo2_fnAddFuncDesc(ICreateTypeInfo2 *iface,
if (tmp_func_desc.funcdesc.oVft != 0)
tmp_func_desc.funcdesc.oVft |= 1;
- if (funcDesc->cScodes) {
+ if (funcDesc->cScodes && funcDesc->lprgscode) {
tmp_func_desc.funcdesc.lprgscode = heap_alloc(sizeof(SCODE) * funcDesc->cScodes);
memcpy(tmp_func_desc.funcdesc.lprgscode, funcDesc->lprgscode, sizeof(SCODE) * funcDesc->cScodes);
- } else
+ } else {
tmp_func_desc.funcdesc.lprgscode = NULL;
+ tmp_func_desc.funcdesc.cScodes = 0;
+ }
buf_size = TLB_SizeElemDesc(&funcDesc->elemdescFunc);
for (i = 0; i < funcDesc->cParams; ++i) {
--
2.9.3
More information about the wine-patches
mailing list